0

I have the following api on phpmyadmin. Now i want to learn how to send the email and password (String values) using volley lib.

<?php
 defined('BASEPATH') OR exit('No direct script access allowed');

class Login extends MX_Controller {

public function index()
{
    $json = file_get_contents('php://input');
    $obj = json_decode($json, true);

    $email = $obj['email'];
    $password = $obj['password'];

    if ($obj['email']!="") {

        $this->load->module('camps');

        $mysql_query = "SELECT * FROM accounts where email='$email' and password='$password'";
        $result = $this->camps->_custom_query($mysql_query);

        $query = $result->num_rows();

        if ($query==0) {
            echo json_encode($password);

        }

        else {
            echo json_encode('OK');
        }


    }

    else {
        echo json_encode('Try Again');
    }
}


}

}

I have already tried using getParams() method like this but its not working.

Note: uname and password are EditTexts

protected Map<String, String> getParams() throws AuthFailureError {


                    Map<String, String> params = new HashMap<String, String>();

                    params.put("email",uname.getText().toString());
                    params.put("password",password.getText().toString());

                    return params;
                }
OneCricketeer
  • 179,855
  • 19
  • 132
  • 245
Viddyut Khanvilkar
  • 295
  • 3
  • 11
  • You should be using a JsonObjectRequest and sending a JsonObject with email and password fields. Note, passwords should really not be in plain text – OneCricketeer Sep 11 '18 at 07:08
  • @cricket_007 could you tell me how can i send JsonObject with these feilds. – Viddyut Khanvilkar Sep 11 '18 at 08:48
  • Are you having issue creating a `new JSONObject()`? The documentation for it is fairly straightforward https://developer.android.com/training/volley/request – OneCricketeer Sep 11 '18 at 14:41
  • See example https://stackoverflow.com/a/26033484/2308683 or use Gson as a useful library https://developer.android.com/training/volley/request-custom – OneCricketeer Sep 11 '18 at 14:44

2 Answers2

0

You can make a stringRequest using volley.

Make sure you added access Internet permission in your manifest

uses-permission android:name="android.permission.INTERNET" 

RequestQueue queue = Volley.newRequestQueue(this);

StringRequest stringRequest = new StringRequest(Request.Method.POST, Your_url, new Response.Listener<String>() {
        @Override
        public void onResponse(String response) {
            parseYourResponse(response);

        }
    }, new Response.ErrorListener() {
        @Override
        public void onErrorResponse(VolleyError error) {
            Toast.makeText(LoginActivity.this, "Some Error Occurs!", Toast.LENGTH_SHORT).show();
        }
    }) {
        @Override
        protected Map<String, String> getParams() throws AuthFailureError {
            Map<String, String> params = new HashMap<>();
            params.put("username",uname.getText().toString());
            params.put("password", password.getText().toString());
            return params;
        }
    };

    queue.add(stringRequest);
Chandan
  • 187
  • 1
  • 8
0

Additionally, in your web service you should use prepared queries, and do not directly use the variables in the sql query. That is a very insecure practice. For example:

<?php

    $email= $_REQUEST['email'];
    $password = $_REQUEST['pass'];


    if (isset($email)){

    $res=$dbh->prepare("select * from accounts where email=:email and password=:passw ;");

    $res->execute(array(':email' => $email, ':passw' => md5($password)));

    $datos = array();

    foreach ($res as $row) {

        $datos[] = $row;

    }

    echo json_encode($datos);
?>

With this you avoid sql injections and your code is more secure.

Mimmetico
  • 422
  • 9
  • 25