ウェブサーバーにログインしている問題

Question

私のプロジェクトに問題があります。 1.私はwww.kinandayu.comにウェブサーバーを持っています。私は成功してwww.kinandayu.com/data_signup.phpにサインアップするシステムを構築しました。 2.私のアプリケーションにログインシステムを作りたいと思います。これはsessionmanager.javaで、これはsigninactivity.java

package com.example.mdesigntemp; 

import java.util.ArrayList; 
import java.util.HashMap; 
import org.json.JSONArray; 
import org.json.JSONObject; 
import android.app.ActionBar; 
import android.app.Activity; 
import android.app.ProgressDialog; 
import android.content.Intent; 
import android.graphics.Color; 
import android.os.AsyncTask; 
import android.os.Bundle; 
import android.util.Log; 
import android.view.Gravity; 
import android.view.View; 
import android.view.View.OnClickListener; 
import android.view.Window; 
import android.widget.Button; 
import android.widget.EditText; 
import android.widget.RelativeLayout; 
import android.widget.TextView; 
import android.widget.RelativeLayout.LayoutParams; 
import android.widget.Toast; 

public class LoginActivity extends Activity { 

ActionBar actionbar; 
TextView textview; 
LayoutParams layoutparams; 
Button btlogin; 
EditText edEmail, edPassword; 
SessionManager session; 
String url, success; 



@Override 
protected void onCreate(Bundle savedInstanceState) { 
    super.onCreate(savedInstanceState); 
    getWindow().requestFeature(Window.FEATURE_ACTION_BAR); 
    getActionBar().hide(); 
    setContentView(R.layout.login_activity); 

    session = new SessionManager(getApplicationContext()); 
    Toast.makeText(getApplicationContext(), 
      "User Login Status: " + session.isLoggedIn(), Toast.LENGTH_LONG) 
      .show(); 

    btlogin = (Button)findViewById(R.id.btlogin); 
    edEmail = (EditText) findViewById(R.id.edEmail); 
    edPassword = (EditText) findViewById(R.id.edPassword); 
    TextView registerScreen = (TextView) findViewById(R.id.btDaftar); 

    registerScreen.setOnClickListener(new View.OnClickListener() { 
     public void onClick(View v) { 
      Intent i = new Intent(getApplicationContext(), SignupActivity.class); 
      startActivity(i); 
      finish(); 
     } 
    }); 

    btlogin.setOnClickListener(new View.OnClickListener() { 

     @Override 
     public void onClick(View v) { 
     //String email = edEmail.getText().toString(); 
     //String password = edPassword.getText().toString(); 
     //String theemail = email.replace("" , "%20"); 
     //String thepassword = password.replace("", "%20"); 
     url = "http://www.kinandayu.com/data_login.php" + "email=" 
       + edEmail.getText().toString() + "password=" 
       + edPassword.getText().toString(); 


     if (edEmail.getText().toString().trim().length() > 0 
       && edPassword.getText().toString().trim().length() > 0) 
     { 
      new Masuk().execute(); 
     } 
     else 
     { 
      Toast.makeText(getApplicationContext(), "Field is empty!!", Toast.LENGTH_LONG).show(); 
     } 
     } 
    }); 
} 

public class Masuk extends AsyncTask<String, String, String> 
{ 
    ArrayList<HashMap<String, String>> contactList = new ArrayList<HashMap<String, String>>(); 
    ProgressDialog pDialog; 

    @Override 
    protected void onPreExecute() { 

     super.onPreExecute(); 
     pDialog = new ProgressDialog(LoginActivity.this); 
     pDialog.setMessage("Please wait a moment ..."); 
     pDialog.setIndeterminate(false); 
     pDialog.setCancelable(true); 
     pDialog.show(); 
    } 

    @Override 
    protected String doInBackground(String... params) { 
     SignInJSON jParser = new SignInJSON(); 

     JSONObject json = jParser.getJSONFromUrl(url); 

     try { 
      success = json.getString("success"); 

      Log.e("error", "nilai sukses=" + success); 

      JSONArray result = json.getJSONArray("kinanday_TesDB"); 

      if (success.equals("1")) { 

       for (int i = 0; i < result.length(); i++) { 

        JSONObject c = result.getJSONObject(i); 

        //String password = c.getString("password").trim(); 
        String email = c.getString("email").trim(); 
        session.createLoginSession(email); 
        Log.e("ok", " ambil data"); 

       } 
      } else { 
       Log.e("erro", "tidak bisa ambil data 0"); 
      } 

     } catch (Exception e) {     
      Log.e("erro", "tidak bisa ambil data 1"); 
     } 

     return null; 
    } 

    @Override 
    protected void onPostExecute(String result) { 

     super.onPostExecute(result); 
     pDialog.dismiss(); 
     if (success.equals("1")) { 
      Intent in = new Intent(LoginActivity.this, MainActivity.class); 
      startActivity(in); 
      finish(); 
    } else { 

     Toast.makeText(getApplicationContext(), "Incorrect Email Or Password", Toast.LENGTH_LONG).show(); 
     } 
    } 
} 
} 

ある

package com.example.mdesigntemp; 

import java.io.BufferedReader; 
import java.io.IOException; 
import java.io.InputStream; 
import java.io.InputStreamReader; 
import java.io.UnsupportedEncodingException; 
import java.util.List; 
import org.apache.http.HttpEntity; 
import org.apache.http.HttpResponse; 
import org.apache.http.NameValuePair; 
import org.apache.http.client.ClientProtocolException; 
import org.apache.http.client.entity.UrlEncodedFormEntity; 
import org.apache.http.client.methods.HttpGet; 
import org.apache.http.client.methods.HttpPost; 
import org.apache.http.client.utils.URLEncodedUtils; 
import org.apache.http.impl.client.DefaultHttpClient; 
import org.json.JSONException; 
import org.json.JSONObject; 
import android.util.Log; 

public class SignInJSON { 

static InputStream is = null; 
static JSONObject jObj = null; 
static String json = ""; 

public SignInJSON() { 

} 

public JSONObject getJSONFromUrl(String url) { 

    // Making HTTP request 
    try { 
     // defaultHttpClient 
     DefaultHttpClient httpClient = new DefaultHttpClient(); 
     HttpPost httpPost = new HttpPost(url); 

     HttpResponse httpResponse = httpClient.execute(httpPost); 
     HttpEntity httpEntity = httpResponse.getEntity(); 
     is = httpEntity.getContent(); 

    } catch (UnsupportedEncodingException e) { 
     e.printStackTrace(); 
    } catch (ClientProtocolException e) { 
     e.printStackTrace(); 
    } catch (IOException e) { 
     e.printStackTrace(); 
    } 

    try { 
     BufferedReader reader = new BufferedReader(new InputStreamReader(
       is, "iso-8859-1"), 8); 
     StringBuilder sb = new StringBuilder(); 
     String line = null; 
     while ((line = reader.readLine()) != null) { 
      sb.append(line + "\n"); 
     } 
     is.close(); 
     json = sb.toString(); 
    } catch (Exception e) { 
     Log.e("Buffer Error", "Error converting result " + e.toString()); 
    } 

    // try parse the string to a JSON object 
    try { 
     jObj = new JSONObject(json); 
    } catch (JSONException e) { 
     Log.e("JSON Parser", "Error parsing data " + e.toString()); 
    } 

    // return JSON String 
    return jObj; 

} 

public JSONObject makeHttpRequest(String url, String method, 
     List<NameValuePair> params) { 

    // Making HTTP request 
    try { 

     // check for request method 
     if (method == "POST") { 
      // request method is POST 
      // defaultHttpClient 
      DefaultHttpClient httpClient = new DefaultHttpClient(); 
      HttpPost httpPost = new HttpPost(url); 
      httpPost.setEntity(new UrlEncodedFormEntity(params)); 

      HttpResponse httpResponse = httpClient.execute(httpPost); 
      HttpEntity httpEntity = httpResponse.getEntity(); 
      is = httpEntity.getContent(); 

     } else if (method == "GET") { 
      // request method is GET 
      DefaultHttpClient httpClient = new DefaultHttpClient(); 
      String paramString = URLEncodedUtils.format(params, "utf-8"); 
      url += "?" + paramString; 
      HttpGet httpGet = new HttpGet(url); 

      HttpResponse httpResponse = httpClient.execute(httpGet); 
      HttpEntity httpEntity = httpResponse.getEntity(); 
      is = httpEntity.getContent(); 
     } 

    } catch (UnsupportedEncodingException e) { 
     e.printStackTrace(); 
    } catch (ClientProtocolException e) { 
     e.printStackTrace(); 
    } catch (IOException e) { 
     e.printStackTrace(); 
    } 

    try { 
     BufferedReader reader = new BufferedReader(new InputStreamReader(
       is, "iso-8859-1"), 8); 
     StringBuilder sb = new StringBuilder(); 
     String line = null; 
     while ((line = reader.readLine()) != null) { 
      sb.append(line + "\n"); 
     } 
     is.close(); 
     json = sb.toString(); 
    } catch (Exception e) { 
     Log.e("Buffer Error", "Error converting result " + e.toString()); 
    } 

    // try parse the string to a JSON object 
    try { 
     jObj = new JSONObject(json); 
    } catch (JSONException e) { 
     Log.e("JSON Parser", "Error parsing data " + e.toString()); 
    } 

    // return JSON String 
    return jObj; 

} 
} 

：私は以下のようなコードを持って

package com.example.mdesigntemp; 
import java.util.HashMap; 
import android.annotation.SuppressLint; 
import android.content.Context; 
import android.content.Intent; 
import android.content.SharedPreferences; 
import android.content.SharedPreferences.Editor; 
import android.text.LoginFilter.UsernameFilterGeneric; 
@SuppressLint("CommitPrefEdits") 
public class SessionManager { 
// Shared Preferences 
SharedPreferences pref; 

// Editor for Shared preferences 
Editor editor; 

// Context 
Context _context; 

// Shared pref mode 
int PRIVATE_MODE = 0; 

// nama sharepreference 
private static final String PREF_USERNAME = "Sesi"; 

// All Shared Preferences Keys 
private static final String IS_LOGIN = "IsLoggedIn"; 
public static final String KEY_USERNAME = "username"; 
public static final String KEY_EMAIL = "email"; 

// Constructor 
public SessionManager(Context context){ 
    this._context = context; 
    pref = _context.getSharedPreferences(PREF_USERNAME, PRIVATE_MODE); 
    editor = pref.edit(); 
} 

/** 
* Create login session 
* */ 
public void createLoginSession(String email){ 
    // Storing login value as TRUE 
    editor.putBoolean(IS_LOGIN, true); 

    editor.putString(KEY_EMAIL, email); 
    editor.commit(); 
} 

/** 
* Check login method wil check user login status 
* If false it will redirect user to login page 
* Else won't do anything 
* */ 
public void checkLogin(){ 
    // Check login status 
    if(!this.isLoggedIn()){ 
     Intent i = new Intent(_context, MainActivity.class); 

     i.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK); 
     _context.startActivity(i); 
     //((Activity)_context).finish(); 
    } 

} 

/** 
* Get stored session data 
* */ 
public HashMap<String, String> getUserDetails(){ 
    HashMap<String, String> user = new HashMap<String, String>(); 

    user.put(KEY_USERNAME, pref.getString(KEY_USERNAME, null)); 
    user.put(KEY_EMAIL, pref.getString(KEY_EMAIL, null)); 

    return user; 
} 

/** 
* Clear session details 
* */ 
public void logoutUser(){ 
    // Clearing all data from Shared Preferences 
    editor.clear(); 
    editor.commit(); 

    Intent i = new Intent(_context, MainActivity.class); 
    i.addFlags(Intent.FLAG_ACTIVITY_CLEAR_TOP); 
    i.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK); 
    _context.startActivity(i); 
} 

public boolean isLoggedIn(){ 
    return pref.getBoolean(IS_LOGIN, false); 
} 
} 

私は、正しいユーザー名でログインしようとすると、問題があると正しいパスワードを入力すると、アプリケーションがメイン（仕事）に行くようになります。ユーザー名が正しいが、パスワードが正しくない場合、私はその活動に私を連れて行くでしょう。電子メールが間違っている場合、アプリケーションは強制的に停止します。私はこの（http://adi-hidayat.com/android-login-logout-dengan-android-mysql/）チュートリアルからこのコードを取るが、私は間違いがどこにあるのか知りません。すべての答えは非常に私を助ける。

Answer 1

url = "http://www.kinandayu.com/data_login.php" + "email=" 
      + edEmail.getText().toString() + "password=" 
      + edPassword.getText().toString(); 

このコードを完全に放棄してやり直すことをお勧めします。これは非常に危険で、セキュリティ保護されていないhttp接続を介してユーザーのパスワードを平文で送信することになります。

これはあなたが聞きたがっている答えではないことを認識しています...セキュリティで保護されたログインシステムを構築する例の1つとして、他のサービスとアプリがOAuthをどのように実装しているかを見てください。