Android Code Snippet Register User example using HttpUtils2

Discussion in 'Code Snippets' started by aeric, Mar 27, 2015.

  1. aeric

    aeric Active Member Licensed User

    Due to many confusion of register.php in a line of code somewhere in signup.php script, I have reuploaded in the first post attachment. Sorry for the inconvenience.
    inakigarm likes this.
  2. Celso

    Celso Member Licensed User

  3. aeric

    aeric Active Member Licensed User

    Okay. Good you found the solution.
  4. Daniel-White

    Daniel-White Active Member Licensed User

    Aeric, nice one, Thanks for share it. :)
    aeric likes this.
  5. aeric

    aeric Active Member Licensed User

    I think it is because I use wordwrap to wrap long message and force new lines. Try to modify my php code to remove the wordwrap.
    $message 'Hi ' $user ',' "\r\n" 'Please click on this link to finish the registration process:' $email '&RegNo=' $randomnumber;
    $message wordwrap($message70"\r\n");
    ibra939 likes this.
  6. ibra939

    ibra939 Active Member Licensed User

  7. aeric

    aeric Active Member Licensed User

  8. ibra939

    ibra939 Active Member Licensed User

    Thanks Aeric , some this massage show but not issue some time in application
  9. ocalle

    ocalle Active Member Licensed User

    Sorry for reply an old post, i no found another example, i tryied it and works fine, but when i login see a message with user or pass wrong, i checked the table and the data exist.
  10. achtrade

    achtrade Active Member Licensed User

    definitively encrypting the password with salt is the best way to send a password through internet. I'm using this in my apps, I can share the code if someone is interested.
    G-ShadoW likes this.
  11. G-ShadoW

    G-ShadoW Active Member Licensed User

    Please share, someone will need it for sure.

  12. achtrade

    achtrade Active Member Licensed User

    This is for create a new user

    Sub InsertNewUser

    Dim bcon As ByteConverter
    Dim salt() As Byte = Utils.CalcSalt(etPassword.text) 'Calculate salt
        Dim hash() As Byte = Utils.CalcHash(etPassword.text, salt) 'calculate hash = password + salt
    'insert in a table the new user using RDC. The table has to store the EMAIL, HASH and the SALT. The plain password is not sent or stored in the table, we don't need it.
        Dim cmd As DBCommand
        cmd.Name = 
        cmd.Parameters = 
    Array As Object(etName.Text, etLastName.Text, etEmail.Text.Trim, bcon.HexFromBytes(hash), bcon.HexFromBytes(salt), etCel.Text, etZipCode.Text)
    0, NEW_USER)
    End Sub

    Public Sub CalcSalt(Password As StringAs Byte()
    Dim salt(48As Byte
    Dim sr As SecureRandom
    Return salt
    End Sub

    Public Sub CalcHash(Password As String, salt() As Byte) As Byte()
    Dim md As MessageDigest
    Dim spassword() As Byte = md.GetMessageDigest(Password.GetBytes("UTF8"), "SHA-512")
    Dim pbAndSalt(spassword.Length + salt.Length) As Byte
    Dim bc As ByteConverter
    0, pbAndSalt, 0, spassword.Length)
    0, pbAndSalt, spassword.Length, salt.Length)
    Return md.GetMessageDigest(pbAndSalt, "SHA-512")
    End Sub
    this is for validate an existing user

    First we have to find the SALT for this user, recovering the SALT from the table.

    Sub FindUserSalt

    Dim cmd As DBCommand
        cmd.Name = 
        cmd.Parameters = 
    Array As Object(etUser.text)
    End Sub
    once we have the SALT we have to calculate the HASH with the given password + the recovered SALT and compare it with the HASH in the table, if they are equal, the password is valid.

    Sub ValidateUser
    Dim bcon As ByteConverter
    Dim hash() As Byte = Utils.CalcHash(etPassword.text,bcon.HexToBytes(UserSalt))
    Dim cmd As DBCommand
        cmd.Name = 
        cmd.Parameters = 
    Array As Object(etUser.Text, bcon.HexFromBytes(hash))
    End Sub
    in my case, i'm comparing the hash inside a stored procedure for easy maintenance. Just find the user in the table get its hash from the table and compare it with hash sent it, it they are equal I return the userid otherwise a return 0 and 0 means invalid user.

    this is my user table

    userid integer autoincrement
    email char(50)
    hash char(255)
    salt char(255)

    Last edited: Oct 13, 2017
    ocalle, asales, somed3v3loper and 2 others like this.
  13. Jake Myrix

    Jake Myrix New Member

    Can I use xampp for the database?
  14. KMatle

    KMatle Expert Licensed User

    Yes. Note that Xampp is just a package containing Apache and MySQL. I use Xampp for my test environment.
  15. aeric

    aeric Active Member Licensed User

  16. Mas Afi

    Mas Afi Member Licensed User

    How about php session;
    I mean for member.php
    How to filter user that already sign in.
    I prefer user session_start();
  17. ocalle

    ocalle Active Member Licensed User

    Can be useful interoperate with JRC2 connector to get more security
  18. aeric

    aeric Active Member Licensed User

    When we develop mobile app using web API, we "normally" don't use session. You can read about json web token here.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice