Android Code Snippet Http Login example using HttpUtils2

Http Login example using HttpUtils2



Introduction:
Hi members, this is my first code sharing in this forum. This example is using HttpUtils2 library included in B4A v4.0. Hope this Code Snippet would help those who need a simple example on how to get started with log in to a website using user id and password.

The details for this example:
1. The website (a free hosting website by 000webhost.com which provide MySQL database and php)
2. The B4A app has a log in screen with 2 TextEdits and a button.
3. Key in the following credentials and click the "Login" button to test the app:
- User ID: demo
- Password: 12345
4. If User ID and password are correct, it will show up "Welcome, B4A User". Otherwise, it will show "Wrong user name or password"
* Note: Since I use a free hosting. The return message will show some overhead such as <!-- Hosting24 Analytics Code -->. This will not display in paid hosting.

The MySQL database is created from Cpanel and the tbl_user table is created using phpMyadmin which contains 3 fields (user_id, user_name, password)

B4A code

#Region  Project Attributes
    #ApplicationLabel: HTTP Login
    #VersionCode: 1
    #VersionName:
    'SupportedOrientations possible values: unspecified, landscape or portrait.
    #SupportedOrientations: portrait
    #CanInstallToExternalStorage: False
#End Region

#Region  Activity Attributes
    #FullScreen: False
    #IncludeTitle: True
#End Region

Sub Process_Globals
    'These global variables will be declared once when the application starts.
    'These variables can be accessed from all modules.

End Sub

Sub Globals
    'These global variables will be redeclared each time the activity is created.
    'These variables can only be accessed from this module.

    Private btnLogin As Button
    Private Label1 As Label
    Private Label2 As Label
    Private Label3 As Label
    Private Panel1 As Panel
    Private txtPassword As EditText
    Private txtUserID As EditText
End Sub

Sub Activity_Create(FirstTime As Boolean)
    Activity.LoadLayout("frmlogin")
End Sub

Sub Activity_Resume

End Sub

Sub Activity_Pause (UserClosed As Boolean)

End Sub

Sub btnLogin_Click
    Dim strUsername As String = txtUserID.Text.Trim
    If strUsername = "" Then
        Msgbox("Please enter User ID", "Error")
        Return
    End If 
    Dim strPassword As String = txtPassword.Text.Trim
    If strPassword = "" Then
        Msgbox("Please enter Password", "Error")
        Return
    End If 
 
    Dim job1 As HttpJob
    job1.Initialize("Login", Me) 
    job1.Download2("http://kbase.herobo.com/login.php", _
    Array As String("user_id",strUsername,"password",strPassword))
    ProgressDialogShow("Connecting to server...")
End Sub

Sub JobDone (Job As HttpJob)
    ProgressDialogHide
    Log("JobName = " & Job.JobName & ", Success = " & Job.Success)
    If Job.Success = True Then
        Dim strReturn As String
        Log(Job.GetString)
        strReturn = Job.GetString
        Label3.Text = strReturn
    Else
        Log("Error: " & Job.ErrorMessage)
        ToastMessageShow("Error: " & Job.ErrorMessage, True)
    End If
    Job.Release
End Sub

PHP Webservice (login.php)

<?php
$host = "mysql16.000webhost.com";
$db = "a1438837_db";
$user = "a1438837_id";
$pw = "a1438837";

$con = mysql_connect($host,$user,$pw) or die(mysql_error());
mysql_select_db($db) or die(mysql_error());
mysql_query("SET CHARACTER SET utf8");
mysql_query("SET NAMES 'utf8'");

$uid = $_GET["user_id"];
$pwd = $_GET["password"];

$res = mysql_query("SELECT user_name FROM tbl_user WHERE user_id = '$uid' AND password = '$pwd'");
$count = mysql_num_rows($res);

if ($count == 0) {
    echo 'Wrong user name or password!';
}
else {
    if ($row = mysql_fetch_array($res)) {
        echo 'Welcome, '.$row['user_name'];
    }
}
?>

Please comment and feedback. Thanks.

 

[lemonisdead]

Dear @aeric, thanks a lot for this great example. But generally speaking, for security reasons, you should preferably use web services instead of querying your database directly from your application. This is only a thought and an advice.

 

[aeric]

I am still beginner in B4A and not familiar with web services. I will explore more when I have time. Thanks.

 

[Reids]

What the problem with the code? it look cool, no querying from b4a app, the php code hosted on webserver as webservice
but only

$uid = $_GET["user_id"];
$pwd = $_GET["password"];

need more secured just adding mysql_real_escape_string() to prevent sql injection and magic quote bypass

$uid = mysql_real_escape_string($_GET["user_id"]);
$pwd = mysql_real_escape_string($_GET["password"]);

 

[aeric]

Thanks Reids for sharing the tips on using mysql_real_escape_string().

 

[aeric]

First post edited with HttpLogin.b4a code and preview image.

 

[hibrid0]

Hi aeric, thanks for share your creation.
I'm testing it, and I create 3 user in the db.
1. demo/12345
2. demo1/123456
3. demo2/1234567

And the code work fine with the first user called "demo", but when I try with "demo1" or "demo2" the php script say 'Wrong user name or password!'.

I dont know much about php.
Can you helpme?

 

[aeric]

Hi aeric, thanks for share your creation.
I'm testing it, and I create 3 user in the db.
1. demo/12345
2. demo1/123456
3. demo2/1234567

And the code work fine with the first user called "demo", but when I try with "demo1" or "demo2" the php script say 'Wrong user name or password!'.

I dont know much about php.
Can you helpme?

Hi hibrid0,

Here are a few things you can check:
1. Please make sure you sign in using the correct pair of username and password.
2. Please make sure the users are registered and saved into the database. You can use phpmyadmin to browse the records inside tbl_user table.

This is my first posting. I recommend you to take a look at my another example:
Register User example using HttpUtils2

 

[hibrid0]

Hi thanks for your quick reply.
1. Yes, user and password is correct and I input the right and wrong password for test.
2. Yes, I added the new users in the db
3. I can't add the option to register the user in app login, because is a private app, not for public.

I go to check your new example.

 

[jahswant]

The upload.

 

[aeric]

hi jahswani,
I found inside member.php, you have the following header:

<?php
error_reporting(E_ALL ^ E_DEPRECATED);
$host = "192.168.43.33";
$db = "reglog";
$user = "root";
$pw = "";

However, inside signup.php and signin.php, you are putting "localhost" as your $host. Try edit the $host set to your server IP.

 

[jahswant]

Ok bro let me correct and test...
EDIT:2 minutes later...
Thanks bro it works like a charm.