1

I am creating an iPhone app which sends a username and password to a php script, the php script then looks in a mySQL database for the values and sets a boolean to either 0 or 1, depending on whether or not the user should be authenticated. I really have no idea where to start or even what I should Google to look into how to do this.

Is this feasible? Is this the proper way to authenticate a user in an iOS app?

Thanks!

thebiglebowski11
  • 1,451
  • 10
  • 41
  • 76
  • 1
    Yes, this can be done, it may even be relatively secure if you use HTTPS and don't pass username/password in clear text. But what is your question? How to build the back-end server program? – Aleks G Feb 22 '12 at 16:38
  • Well I have the iOS part done, which sends the username and password to the php script. The script is then able to connect to my database and look through to see if those values exist. Once it either finds the correct username/password it sets the boolean or it continues to then of the DB... So I have all of that done. I need to know how to send the authentication boolean back to tell the iOS app whether or not the username/password exists in the DB. – thebiglebowski11 Feb 22 '12 at 16:41
  • Regardless of the technology you use (PHP/MySQL or JAVA/MySQL or PHP/PostgreSQL), in general, the procedure is correct. You always need a communication between a client (the iPhone in your case) and the server. – bitfox Feb 22 '12 at 16:46
  • Right, so how can the server send a message back to the client? The iPhone needs to know whether or not the user was authenticated to make its next decision. – thebiglebowski11 Feb 22 '12 at 16:47
  • you can do that by generating XML or JSON and then reading the content from it. check my answer for the explanation. – Ibrahim Azhar Armar Feb 22 '12 at 16:55
  • Check out ASIHTTPRequest, or specifically ASIFormDataRequest on the following page, to set POST data to PHP via iOS: http://allseeing-i.com/ASIHTTPRequest/How-to-use – Luke Feb 22 '12 at 17:03

4 Answers4

1

There are various types to achieve this.

a) Generate an XML or JSON file in PHP, and read the content back in iOS. (this method gives you the benefit of fetching any extra data if you want).

b) Send back HTTP header() from PHP, and read the HTTP response code. you can do something like this.

function checkLogin()
{
    //Check login
    if($login == true) {
        header('HTTP/1.1 200 OK');
    } else {
        header('HTTP/1.1 401 Unauthorized');
    }
}

c) You can output anything in PHP(plain text, JSON, HTML etc.), as the output generated by PHP will be received as HTTP response.

Ibrahim Azhar Armar
  • 25,288
  • 35
  • 131
  • 207
  • If I just wanted to get the '1' or '0' from the output and not all the html that goes with it, do I need to write the 1 (or 0) to another location? – thebiglebowski11 Feb 24 '12 at 02:03
0

Anything the PHP script outputs will be returned as the HTTP response. Simply output something meaningful, and read it in the client.

Ignacio Vazquez-Abrams
  • 776,304
  • 153
  • 1,341
  • 1,358
0

You can write a php script like this:

<?php

// the authentication procedures memorized in the $authentication variable the result of authentication process. Supposed to be 1 if successful

echo $authentication;

?>

Call this script from your iOS by using an NSURLRequest object for example.

P.S.: However, for data exchange between the client and the server you should use the JSON format.

bitfox
  • 2,281
  • 1
  • 18
  • 17
0

The simplest solution would be to use HTTP status codes. Then you don't even have to care about the response body.

If authenticated: "HTTP 200 OK"
If unauthorized: "HTTP 401 Unauthorized"

Resource: http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html

CodeZombie
  • 5,367
  • 3
  • 30
  • 37