-1

I have created an android app that logins into a MySQL database but I don't receive any results. The 'result' variable in the alert dialog box in backgroundWorker.java (function "onPostExecute") returns null, can anyone solve this problem?

BackgroundWorker.java` public class BackgroundWorker extends 

 AsyncTask<String,String,String> {
    Context context;
    AlertDialog alertDialog;
    BackgroundWorker(Context ctx)
    {
      context =ctx;
    }

    @Override
    protected String doInBackground(String... params) {
        String type=params[0];

        String login_url="192.168.10.9/login.php";

        if(type.equals("login"))
        {

            try {
                String user_name = params[1];
                String password = params[2];
                URL url = new URL(login_url);
                HttpURLConnection httpURLConnection = (HttpURLConnection)url.openConnection();
                httpURLConnection.setRequestMethod("POST");
                httpURLConnection.setDoOutput(true);
                httpURLConnection.setDoInput(true);
                OutputStream outputStream = httpURLConnection.getOutputStream();
                BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(outputStream, "UTF-8"));
                String post_data = URLEncoder.encode("user_name","UTF-8")+"="+URLEncoder.encode(user_name,"UTF-8")+"&"
                        +URLEncoder.encode("password","UTF-8")+"="+URLEncoder.encode(password,"UTF-8");
                bufferedWriter.write(post_data);
                bufferedWriter.flush();
                bufferedWriter.close();
                outputStream.close();
                InputStream inputStream = httpURLConnection.getInputStream();
                BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream,"iso-8859-1"));
                String result="";
                String line="";
                while((line = bufferedReader.readLine())!= null) {

                    result += line;
                }
                bufferedReader.close();
                inputStream.close();
                httpURLConnection.disconnect();
                return result;
            } catch (MalformedURLException e) {
                e.printStackTrace();
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
        return null;
    }
    @Override
    protected void onPreExecute() {
       alertDialog=new AlertDialog.Builder(context).create();
        alertDialog.setTitle("Login Status");

    }

    @Override
    protected void onPostExecute(String Result) {
        Log.i("ok", "Result " + Result);
        alertDialog.setMessage(Result);
        alertDialog.show();

    }

CheckConn.java

public class CheckConn extends AppCompatActivity {
EditText user;
EditText pass;
protected void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    setContentView(R.layout.check_conn);


    user = (EditText) findViewById(R.id.et_u);
    pass = (EditText) findViewById(R.id.et_p);
    Button press = (Button) findViewById(R.id.btn_login);
    press.setOnClickListener(new View.OnClickListener() {
        @Override
        public void onClick(View v) {
            onLogin();
        }
    });
}

public void onLogin()
{
    String username= user.getText().toString();
    String password=pass.getText().toString();
    String type="login";

    BackgroundWorker backgroundWorker=new BackgroundWorker(this);

    backgroundWorker.execute(type,username,password);
}

}

connection.php

<?php

 $mysql_usernmae="root";
 $mysql_password="*****";
 $db="map";

 $db= new mysqli('localhost',$mysql_usernmae,$mysql_password,$db);

 ?>

login.php

<?php
 require "connection.php";
 $user_name=$_POST["user_name"];
 $user_pass=$_POST["password"];
 $mysql_qry="select * from user_info where user_name like
 '$user_name' and user_password like 'user_pass';";
  $result=mysqli_query($db,$mysql_qry);
  if (mysqli_num_rows($result) > 0)
 {
  echo "login Successsss";
  }
else
{
echo "faileddddd Booooo";
}
?>

`

Emre Yazici
  • 10,136
  • 6
  • 48
  • 55
Freaks
  • 11
  • 1
  • **Never store plain text passwords!** Please use PHP's [built-in functions](http://jayblanchard.net/proper_password_hashing_with_PHP.html) to handle password security. If you're using a PHP version less than 5.5 you can use the `password_hash()` [compatibility pack](https://github.com/ircmaxell/password_compat). Make sure you ***[don't escape passwords](http://stackoverflow.com/q/36628418/1011527)*** or use any other cleansing mechanism on them before hashing. Doing so *changes* the password and causes unnecessary additional coding. – Jay Blanchard Sep 29 '16 at 17:01
  • [Little Bobby](http://bobby-tables.com/) says ***[your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php)*** Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php). Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! [Don't believe it?](http://stackoverflow.com/q/38297105/1011527) – Jay Blanchard Sep 29 '16 at 17:02
  • Other than the justified other comments, I suspect your code throws and catches an Exception. That means there's a stacktrace somewhere. – f1sh Sep 29 '16 at 17:10

1 Answers1

-1

why you don't ejecute first your login.php file in the browser, harcode the values for user_name and user_pass, and check if the connection is working on server side,

after that you can check if your user and pass are coming from android app, I must assume you have a database with some data in the table you are making the query, also check if the name of database, table, query are correct, you can check with MySQL workbench if the query works and is returning some result.

Pavul Zavala
  • 427
  • 5
  • 11