Php Session Destroyed In Android Application
Solution 1:
Your Php script uses a session token to identify the visitor when you browse the site via a browser. Ususally its stored in a PHPSESSID variable.
If you want your Android application to stay authenticated on the server side you need to fetch that id after the first connection and then send it in the headers of all your subsequent requests.
**EDIT : ** This is what you want to do : How do I manage cookies with HttpClient in Android and/or Java?
Solution 2:
You can use an active DefaultHttpClient connection and make validations on each mobile-request, at server side, through $_SESSION. Here is a small sample code (is not for production)
First there is a class:
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.ArrayList;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;
public class NetClient {
private HttpClient client = null;
public NetClient() {
client = new DefaultHttpClient();
}
public String request(String url) throws ClientProtocolException, IOException {
HttpPost post = new HttpPost(url);
HttpResponse res = client.execute(post);
BufferedReader br = new BufferedReader(new InputStreamReader(res.getEntity().getContent()));
String data = "";
String line = "";
while ((line = br.readLine()) != null) {
data = data + line;
}
return data;
}
public String login(String url) throws ClientProtocolException, IOException {
HttpPost post = new HttpPost(url);
ArrayList pa = new ArrayList();
pa.add( new BasicNameValuePair( "username", "admin"));
pa.add( new BasicNameValuePair( "password", "admin"));
post.setEntity( new UrlEncodedFormEntity(pa, "UTF-8"));
HttpResponse res = client.execute(post);
BufferedReader br = new BufferedReader(new InputStreamReader(res.getEntity().getContent()));
String data = "";
String line = "";
while ((line = br.readLine()) != null) {
data = data + line;
}
return data;
}
}
Then at mainactivity.java
StrictMode.ThreadPolicy policy = new StrictMode.ThreadPolicy.Builder().permitAll().build();
StrictMode.setThreadPolicy(policy);
try {
NetClient n = new NetClient();
String k = n.login("http://x.com/testAREA/securetrans/login.php");
Log.w("login result", k);
String l = n.request("http://x.com/testAREA/securetrans/content.php");
Log.w("ask if logged in", l);
} catch (ClientProtocolException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
Where login.php
<?php
session_start();
if(isset($_POST['username']))
{
$username = $_POST['username'];
$password = $_POST['password'];
if($username == 'admin' && $password == 'admin')
{
$_SESSION['username'] = $username;
echo "admin setted";
exit;
}
else
{
echo "-1";
}
}
?>
and content.php as :
<?php
session_start();
if(isset($_SESSION['username']))
{
echo "login ok";
}
else
{
echo "not login";
}
?>
When we run this sample code will end with
echo "login ok";
More information at: http://www.pipiscrew.com/2014/11/phpandroid-secure-connection-with-session-variable/
Solution 3:
I have encountered this very recently, the PHP session was not getting created when we hit the API from Android.
After spending some time, I figured it out.
For creating sessions you need to enable cookies for the API call. you have to set the handler that can accept cookies from incoming HTTP responses and provides cookies to outgoing HTTP requests.
For enabling cookies you have to add cookieJar in your OkHttpClient.
import okhttp3.JavaNetCookieJar
import java.net.CookieManager
val okHttpClient = OkHttpClient.Builder()
.cookieJar(JavaNetCookieJar(CookieManager()))
.build()
Post a Comment for "Php Session Destroyed In Android Application"