1

I want to implement the server part of a client-server application, Some sort of interaction between Android and PHP. but I don't know if there is a structured method for implementing server part in PHP. I use files like create-user.php that get parameters from Android app and do some queries on database and this works fine!! But this does not convince me. I have seen patterns like RestUtils::sendResponse(200, json_encode($output), 'application/json'); in StackOverflow that do the same thing that i do, but in some good looking fashion.

My questions:

  1. if there are best practices please refer me to them.

  2. what is the best Request method (among GET and POST) for tasks like signup?

  3. how can I boost my applications security? I have a signin but this is a very common user & pass check. I this project was all on web I can use cookies to secure the app. But because of being client server I dont know how to boost security? if anyone without singing in request some of my php scripts I dont know how to prevent this.

Please Help Me with referring me to pages.. Thanks in advance.

4

1 回答 1

0

以下是我的回答:

2) GET 和 POST 都可以使用,这取决于你在做什么,通常 GET 用于简单地获取信息,比如拉用户的信息,POST 通常用于发送信息,基本上就是任何带有表单提交数据的东西。

3)为了帮助提高安全性,您可以附加另一个 GET 变量,然后在您的 php 中,您可以做的第一件事是查看该变量是否设置为正确的值。如果不只是杀死脚本。这样,如果有人偶然浏览到 'yourdomain.com/create-user.php' 它将不起作用,他们需要浏览到 'yourdomain.com/create-user.php?appkey=189381823' 或类似的东西.

于 2013-07-24T15:44:12.073 回答