Android Code Snippet Http Login example using HttpUtils2

Discussion in 'Code Snippets' started by aeric, Jan 30, 2015.

  1. aeric

    aeric Active Member Licensed User

    Http Login example using HttpUtils2

    HttpLogin_preview.png

    Introduction:
    Hi members, this is my first code sharing in this forum. This example is using HttpUtils2 library included in B4A v4.0. Hope this Code Snippet would help those who need a simple example on how to get started with log in to a website using user id and password.

    The details for this example:
    1. The website (a free hosting website by 000webhost.com which provide MySQL database and php)
    2. The B4A app has a log in screen with 2 TextEdits and a button.
    3. Key in the following credentials and click the "Login" button to test the app:
    - User ID: demo
    - Password: 12345
    4. If User ID and password are correct, it will show up "Welcome, B4A User". Otherwise, it will show "Wrong user name or password"
    * Note: Since I use a free hosting. The return message will show some overhead such as <!-- Hosting24 Analytics Code -->. This will not display in paid hosting.

    The MySQL database is created from Cpanel and the tbl_user table is created using phpMyadmin which contains 3 fields (user_id, user_name, password)

    B4A code
    Code:
    #Region  Project Attributes
        
    #ApplicationLabel: HTTP Login
        
    #VersionCode: 1
        
    #VersionName:
        
    'SupportedOrientations possible values: unspecified, landscape or portrait.
        #SupportedOrientations: portrait
        
    #CanInstallToExternalStorage: False
    #End Region

    #Region  Activity Attributes
        
    #FullScreen: False
        
    #IncludeTitle: True
    #End Region

    Sub Process_Globals
        
    'These global variables will be declared once when the application starts.
        'These variables can be accessed from all modules.

    End Sub

    Sub Globals
        
    'These global variables will be redeclared each time the activity is created.
        'These variables can only be accessed from this module.

        
    Private btnLogin As Button
        
    Private Label1 As Label
        
    Private Label2 As Label
        
    Private Label3 As Label
        
    Private Panel1 As Panel
        
    Private txtPassword As EditText
        
    Private txtUserID As EditText
    End Sub

    Sub Activity_Create(FirstTime As Boolean)
        
    Activity.LoadLayout("frmlogin")
    End Sub

    Sub Activity_Resume

    End Sub

    Sub Activity_Pause (UserClosed As Boolean)

    End Sub

    Sub btnLogin_Click
        
    Dim strUsername As String = txtUserID.Text.Trim
        
    If strUsername = "" Then
            
    Msgbox("Please enter User ID""Error")
            
    Return
        
    End If 
        
    Dim strPassword As String = txtPassword.Text.Trim
        
    If strPassword = "" Then
            
    Msgbox("Please enter Password""Error")
            
    Return
        
    End If 
     
        
    Dim job1 As HttpJob
        job1.Initialize(
    "Login", Me) 
        job1.Download2(
    "http://kbase.herobo.com/login.php", _
        
    Array As String("user_id",strUsername,"password",strPassword))
        
    ProgressDialogShow("Connecting to server...")
    End Sub

    Sub JobDone (Job As HttpJob)
        
    ProgressDialogHide
        
    Log("JobName = " & Job.JobName & ", Success = " & Job.Success)
        
    If Job.Success = True Then
            
    Dim strReturn As String
            
    Log(Job.GetString)
            strReturn = Job.GetString
            Label3.Text = strReturn
        
    Else
            
    Log("Error: " & Job.ErrorMessage)
            
    ToastMessageShow("Error: " & Job.ErrorMessage, True)
        
    End If
        Job.Release
    End Sub
    PHP Webservice (login.php)
    PHP:
    <?php
    $host 
    "mysql16.000webhost.com";
    $db "a1438837_db";
    $user "a1438837_id";
    $pw "a1438837";

    $con mysql_connect($host,$user,$pw) or die(mysql_error());
    mysql_select_db($db) or die(mysql_error());
    mysql_query("SET CHARACTER SET utf8");
    mysql_query("SET NAMES 'utf8'");

    $uid $_GET["user_id"];
    $pwd $_GET["password"];

    $res mysql_query("SELECT user_name FROM tbl_user WHERE user_id = '$uid' AND password = '$pwd'");
    $count mysql_num_rows($res);

    if (
    $count == 0) {
        echo 
    'Wrong user name or password!';
    }
    else {
        if (
    $row mysql_fetch_array($res)) {
            echo 
    'Welcome, '.$row['user_name'];
        }
    }
    ?>
    Please comment and feedback. Thanks.
     

    Attached Files:

    Last edited: Jun 5, 2015
  2. lemonisdead

    lemonisdead Well-Known Member Licensed User

    Dear @aeric, thanks a lot for this great example. But generally speaking, for security reasons, you should preferably use web services instead of querying your database directly from your application. This is only a thought and an advice.
     
    aeric likes this.
  3. aeric

    aeric Active Member Licensed User

    I am still beginner in B4A and not familiar with web services. I will explore more when I have time. Thanks.
     
    lemonisdead likes this.
  4. Reids

    Reids Member Licensed User

    What the problem with the code? it look cool, no querying from b4a app, the php code hosted on webserver as webservice
    but only

    $uid = $_GET["user_id"];
    $pwd = $_GET["password"];

    need more secured just adding mysql_real_escape_string() to prevent sql injection and magic quote bypass

    $uid = mysql_real_escape_string($_GET["user_id"]);
    $pwd = mysql_real_escape_string($_GET["password"]);
     
    aeric likes this.
  5. aeric

    aeric Active Member Licensed User

    Thanks Reids for sharing the tips on using mysql_real_escape_string().
     
  6. aeric

    aeric Active Member Licensed User

    First post edited with HttpLogin.b4a code and preview image.
     
    b1k1m1 likes this.
  7. hibrid0

    hibrid0 Active Member Licensed User

    Hi aeric, thanks for share your creation.
    I'm testing it, and I create 3 user in the db.
    1. demo/12345
    2. demo1/123456
    3. demo2/1234567

    And the code work fine with the first user called "demo", but when I try with "demo1" or "demo2" the php script say 'Wrong user name or password!'.

    I dont know much about php.
    Can you helpme?
     
  8. aeric

    aeric Active Member Licensed User

    Hi hibrid0,

    Here are a few things you can check:
    1. Please make sure you sign in using the correct pair of username and password.
    2. Please make sure the users are registered and saved into the database. You can use phpmyadmin to browse the records inside tbl_user table.

    This is my first posting. I recommend you to take a look at my another example:
    Register User example using HttpUtils2
     
  9. hibrid0

    hibrid0 Active Member Licensed User

    Hi thanks for your quick reply.
    1. Yes, user and password is correct and I input the right and wrong password for test.
    2. Yes, I added the new users in the db
    3. I can't add the option to register the user in app login, because is a private app, not for public.

    I go to check your new example.
     
  10. jahswani

    jahswani Active Member Licensed User

    The upload.
     

    Attached Files:

  11. aeric

    aeric Active Member Licensed User

    hi jahswani,
    I found inside member.php, you have the following header:
    PHP:
    <?php
    error_reporting
    (E_ALL E_DEPRECATED);
    $host "192.168.43.33";
    $db "reglog";
    $user "root";
    $pw "";
    However, inside signup.php and signin.php, you are putting "localhost" as your $host. Try edit the $host set to your server IP.
     
    f0raster0 likes this.
  12. jahswani

    jahswani Active Member Licensed User

    Ok bro let me correct and test...
    EDIT:2 minutes later...
    Thanks bro it works like a charm.
     
    Last edited: Jun 5, 2015
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice