1. 首页
  2. 问答
  3. iphone与php的web服务通信 - 用户名/密码

iphone与php的web服务通信 - 用户名/密码

2012-03-15 102 views
0

我一直在努力让这个工作正常,我想我终于想出了正确的解决方案,因为当我登录我的iphone它似乎工作正常。我对PHP很陌生,所以我想知道我是否犯了错误,或者是否可以改进。iphone与php的web服务通信 - 用户名/密码

我正在编写一个Web服务的例子http://www.raywenderlich.com/2941/how-to-write-a-simple-phpmysql-web-service-for-an-ios-app

如果我输入的用户名和密码有效,所有这些尝试都是返回403。

<?php 

    // Helper method to send a HTTP response code/message 
    function sendResponse($status = 200, $body = '', $content_type = 'text/html') 
    { 
     $status_header = 'HTTP/1.1 ' . $status . ' ' . getStatusCodeMessage($status); 
     header($status_header); 
     header('Content-type: ' . $content_type); 
     echo $body; 
    } 

    class RedeemAPI { 


     private $db; 

       // Constructor - open DB connection 
       function __construct() { 
       $this->db = new mysqli('127.0.0.1', 'username', 'password', 'promos'); 
       $this->db->autocommit(FALSE); 
      } 

      // Destructor - close DB connection 
      function __destruct() { 
       $this->db->close(); 
      } 


    function redeem() { 

     // Check for required parameters 





    if (isset($_POST["AccountEntry"]) && isset($_POST["PasswordEntry"])) { 



     // Put parameters into local variables 
       $AccountEntry = $_POST["AccountEntry"]; 
       $PasswordEntry = $_POST["PasswordEntry"]; 



        $user_id = 0; 
        $stmt = $this->db->prepare("SELECT username, password FROM usernames WHERE username=? AND password=?"); 

        $stmt->bind_param("ss", $AccountEntry, $PasswordEntry); 
        $stmt->execute(); 
         $stmt->bind_result($user, $pass); 
        while ($stmt->fetch()) { 
       break; 
      } 
      $stmt->close(); 




       if ($AccountEntry === $user && $PasswordEntry == $pass) { 
        sendResponse(403, 'YESSIRRRRR'); 
        return true; 

       } 


     } 
     sendResponse(400, 'Not working'); 
       return false; 
     } 


    } 

     $api = new RedeemAPI; 
     $api->redeem(); 

    //Extra helper functions 



    // Helper method to get a string description for an HTTP status code 
    // From http://www.gen-x-design.com/archives/create-a-rest-api-with-php/ 


    function getStatusCodeMessage($status) 
    { 
     // these could be stored in a .ini file and loaded 
     // via parse_ini_file()... however, this will suffice 
     // for an example 
     $codes = Array(
      100 => 'Continue', 
      101 => 'Switching Protocols', 
      200 => 'OK', 
      201 => 'Created', 
      202 => 'Accepted', 
      203 => 'Non-Authoritative Information', 
      204 => 'No Content', 
      205 => 'Reset Content', 
      206 => 'Partial Content', 
      300 => 'Multiple Choices', 
      301 => 'Moved Permanently', 
      302 => 'Found', 
      303 => 'See Other', 
      304 => 'Not Modified', 
      305 => 'Use Proxy', 
      306 => '(Unused)', 
      307 => 'Temporary Redirect', 
      400 => 'Bad Request', 
      401 => 'Unauthorized', 
      402 => 'Payment Required', 
      403 => 'Forbidden', 
      404 => 'Not Found', 
      405 => 'Method Not Allowed', 
      406 => 'Not Acceptable', 
      407 => 'Proxy Authentication Required', 
      408 => 'Request Timeout', 
      409 => 'Conflict', 
      410 => 'Gone', 
      411 => 'Length Required', 
      412 => 'Precondition Failed', 
      413 => 'Request Entity Too Large', 
      414 => 'Request-URI Too Long', 
      415 => 'Unsupported Media Type', 
      416 => 'Requested Range Not Satisfiable', 
      417 => 'Expectation Failed', 
      500 => 'Internal Server Error', 
      501 => 'Not Implemented', 
      502 => 'Bad Gateway', 
      503 => 'Service Unavailable', 
      504 => 'Gateway Timeout', 
      505 => 'HTTP Version Not Supported' 
     ); 

     return (isset($codes[$status])) ? $codes[$status] : ''; 
    } 

    // This is the first thing that gets called when this page is loaded 
    // Creates a new instance of the RedeemAPI class and calls the redeem method 


    ?>

编辑:对不起,我是不是更清晰我主要想确保这段代码是有效的,如果我正确地检查用户名/密码。

if (isset($_POST["AccountEntry"]) && isset($_POST["PasswordEntry"])) { 



     // Put parameters into local variables 
       $AccountEntry = $_POST["AccountEntry"]; 
       $PasswordEntry = $_POST["PasswordEntry"]; 



        $user_id = 0; 
        $stmt = $this->db->prepare("SELECT username, password FROM usernames WHERE username=? AND password=?"); 

        $stmt->bind_param("ss", $AccountEntry, $PasswordEntry); 
        $stmt->execute(); 
         $stmt->bind_result($user, $pass); 
        while ($stmt->fetch()) { 
       break; 
      } 
      $stmt->close(); 




       if ($AccountEntry === $user && $PasswordEntry == $pass) { 
        sendResponse(403, 'YESSIRRRRR'); 
        return true;

来源

2012-03-15 stilts

回答

2

首先,如果用户名和密码正确,您为什么要发送“未找到”?无论如何,那就是我所做的。这是完全不同的代码,但它可以满足你的要求。

//Connect To Database. I put 127.0.0.1 because that is what was in your code. It is usually "localhost" though. 
$conn = mysql_connect("127.0.0.1", "DATABASE-USER-NAME", "DATABASE-USER-PASSWORD") or  die(mysql_error()); 
mysql_select_db('DATABASE-NAME', $conn) or die(mysql_error()); 

//Put everything in variables 
$username = $_POST['AccountEntry']; 
$password = $_POST['PasswordEntry']; 
//Get the information from the database. 
$result = mysql_query("SELECT * FROM usernames WHERE username = '$username' && password = '$password'"); 
$num_rows = mysql_num_rows($result); 
//If there are one (1) result in the database, returning 403. 
if ($num_rows==1 || $num_rows=="1") { 
    //Correct passcode. Return 403 (thats what you wanted right?). 
    returnStatusCode(403); 
} else { 
    //Incorrect passcode. Return 400 (thats what you wanted right?). 
    returnStatusCode(400); 
} 
//send the headers... 
function returnStatusCode($code) { 
$status_header = 'HTTP/1.1 ' . $code . ' ' . getStatusCodeMessage($status); 
     header($status_header); 
     header('Content-type: text/html'); 
//Don't need the echo($body) since your body was empty anyway. 
} 
//I didn't change this: 
function getStatusCodeMessage($status) 
    { 
     // these could be stored in a .ini file and loaded 
     // via parse_ini_file()... however, this will suffice 
     // for an example 
     $codes = Array(
      100 => 'Continue', 
      101 => 'Switching Protocols', 
      200 => 'OK', 
      201 => 'Created', 
      202 => 'Accepted', 
      203 => 'Non-Authoritative Information', 
      204 => 'No Content', 
      205 => 'Reset Content', 
      206 => 'Partial Content', 
      300 => 'Multiple Choices', 
      301 => 'Moved Permanently', 
      302 => 'Found', 
      303 => 'See Other', 
      304 => 'Not Modified', 
      305 => 'Use Proxy', 
      306 => '(Unused)', 
      307 => 'Temporary Redirect', 
      400 => 'Bad Request', 
      401 => 'Unauthorized', 
      402 => 'Payment Required', 
      403 => 'Forbidden', 
      404 => 'Not Found', 
      405 => 'Method Not Allowed', 
      406 => 'Not Acceptable', 
      407 => 'Proxy Authentication Required', 
      408 => 'Request Timeout', 
      409 => 'Conflict', 
      410 => 'Gone', 
      411 => 'Length Required', 
      412 => 'Precondition Failed', 
      413 => 'Request Entity Too Large', 
      414 => 'Request-URI Too Long', 
      415 => 'Unsupported Media Type', 
      416 => 'Requested Range Not Satisfiable', 
      417 => 'Expectation Failed', 
      500 => 'Internal Server Error', 
      501 => 'Not Implemented', 
      502 => 'Bad Gateway', 
      503 => 'Service Unavailable', 
      504 => 'Gateway Timeout', 
      505 => 'HTTP Version Not Supported' 
     ); 

     return (isset($codes[$status])) ? $codes[$status] : ''; 
    }

编辑:修正了$ code和$ status。

编辑2:或者你可以只使用加布里埃尔的答案,如果你需要这样的代码。

来源

2012-03-15 20:58:43

+0

403只是随机的,所以在xcode端我有些东西要离开状态码返回403我知道用户名和密码是有效的。诚实地说,我几乎不能理解我自己代码中的一半。 – stilts 2012-03-15 21:08:00

+0

if($ num_rows == 1 || $ num_rows ==“1”)?? Doppelthältbesser? – 2012-03-15 21:10:32

+0

@ ott--很抱歉,我不明白... 狭缝:现在工作吗? – 2012-03-15 21:17:50

2

in php您需要使用运营商$this->来调用函数成员。

所以

getStatusCodeMessage($status);

将成为

$this->getStatusCodeMessage($status);

您的代码可以大量修改/优化,但我想既然你开始使用PHP,你需要不断的学习。

来源

2012-03-15 20:59:29

相关问题

 相关问题