0

我有问题可以请任何人帮助我。

我有一个 php 文件,我从我的 java 类文件的 Asynctask 中调用它。在异步任务中,我发送三个变量电子邮件、密码和密码。

正在发生的事情是,当我使用硬编码值运行我的 php 时,它会给我正确的结果。

结果是:

Inside 1st if 
Inside 2nd if 
Verified 
main if

但是当我尝试通过代码运行我的php时,它给了我错误的结果

结果是:

Inside 1st if 
Invalid
main if

我无法理解为什么会发生这种情况,请指导我。

我的 PHP 文件

<?php

require 'DbConnect.php';

    $i=1;
    $Password = $_POST["password"];
    $Email = $_POST["email"];
    $Pin = $_POST["pin"];
    //$KeyCode = $_REQUEST["key"];


        if((isset($_POST["password"])) && (isset($_POST["email"])) && (isset($_POST["pin"])))
        {
            $query4 = ("SELECT seller_id, name, email, password, verification_Pin, verification_Code, created_Date  FROM `seller` WHERE email = '$Email'");
            $query_run = mysql_query($query4);
            $row=mysql_fetch_row($query_run);

            $int=$row[0];
            $strName=$row[1];
            $strEmail=$row[2];
            $strPwd=$row[3];                
            $strPin=$row[4];

            echo $Pin;
            echo $Password;
            echo $Email;
            echo $int;
            echo $strEmail;
            echo $strPwd;
            echo $strPin;




            if(($Email==$strEmail) && ($Password==$strPwd) && ($Pin==$strPin))
            {
                global $i;
                $i=2;
                $id=updateValidation($int);
                echo $id;
                if($id==1)
                {
                    echo "Verified";
                }
                else
                {
                    echo "Not Verified";
                }
            }
            else
            {
                echo "Invaild";
            }
        }
        else
        {
            echo "Values not set";
        }



function updateValidation($sid)
{
    global $i;
    if($i==2)
    {
        echo "Inside Update vAlidation";
        $queryUpdate = ("UPDATE `seller` SET verification_Pin = 0, verification_Code = 'Verified', created_Date = CURDATE() where seller_id='$sid'");

        if(mysql_query($queryUpdate))
        {
            return 1; 
        }
        else
        {
            return 2; 
        }
    }
    else
    {
        echo "i not 2";
    }
}

?>

我的班级文件:

Button ok = (Button) myDialog
                            .findViewById(R.id.button1);
                    et_pin = (EditText) myDialog
                            .findViewById(R.id.editText1);
                    ok.setOnClickListener(new OnClickListener() {
                        public void onClick(View v) {
                            Toast.makeText(getApplicationContext(),
                                    "CLICKED OK", Toast.LENGTH_LONG).show();
                            pin = et_pin.getText().toString();
                            Toast.makeText(
                                    getApplicationContext(),
                                    "email,pass,pin= " + str1 + "," + str2
                                            + "," + pin, Toast.LENGTH_LONG)
                                    .show();
                            new App_pin_Task().execute(FILENAME_pin);
                            // Intent intent = new
                            // Intent(Dealer_details.this,
                            // Login.class);
                            // startActivity(intent);
                        }
                    });

public class App_pin_Task extends AsyncTask<String, Integer, String> {

    @Override
    protected void onPreExecute() {
        super.onPreExecute();

    }

    @SuppressLint("NewApi")
    @Override
    protected void onPostExecute(String result) {
        super.onPostExecute(result);

        Toast.makeText(getApplicationContext(),
                "Inside App_pin_Task post Execute(Result)=" + result,
                Toast.LENGTH_LONG).show();

        if (result.contains("Invalid")) {
            et_pin.setText("");
        } else {
            Intent myIntent = new Intent(Login.this, UserActivity.class);
            startActivity(myIntent);
        }

    }

    @Override
    protected void onProgressUpdate(Integer... values) {
        // TODO Auto-generated method stub
        super.onProgressUpdate(values);
    }

    @Override
    protected String doInBackground(String... params) {
        // String is = null;

        HttpClient httpclient = new DefaultHttpClient();
        HttpPost httppost = new HttpPost(
                "http://animsinc.com/verifyEmail.php");
        try {
            List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>(
                    4);
            nameValuePairs.add(new BasicNameValuePair("email", str1));
            nameValuePairs.add(new BasicNameValuePair("password", str2));
            nameValuePairs.add(new BasicNameValuePair("pin", pin));
            httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
            httpclient.execute(httppost);

            HttpResponse response = httpclient.execute(httppost);
            HttpEntity entity = response.getEntity();
            is = EntityUtils.toString(entity);

        } catch (ClientProtocolException e) {
            // TODO Auto-generated catch block
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        } catch (IOException e) {
            // TODO Auto-generated catch block
        }

        return is;
    }

}
4

3 回答 3

0

补充fayeq-ali-khan的答案,我还将执行以下操作;

首先使用 post 并添加 html 特殊字符以确保安全。

htmlspecialchars => 将特殊字符转换为 HTML 实体

$Password = htmlspecialchars($_POST['password'],ENT_QUOTES);
$Email = htmlspecialchars($_POST['email'],ENT_QUOTES);
$Pin = htmlspecialchars($_POST['pin'],ENT_QUOTES);        
$KeyCode = htmlspecialchars($_POST['key'],ENT_QUOTES);

同样在您的 android 活动中,在您发送字符串之前,修剪该值以确保您没有传输也可能与 PHP 混淆的空字符是一个好主意

nameValuePairs.add(new BasicNameValuePair("email", str1.trim()));
nameValuePairs.add(new BasicNameValuePair("password", str2.trim()));
nameValuePairs.add(new BasicNameValuePair("pin", pin.trim()));

我希望它对你有所帮助

于 2013-09-17T06:07:12.100 回答
0

尝试这个!

改变这个

$Password = $_REQUEST["password"];
$Email = $_REQUEST["email"];
$Pin = $_REQUEST["pin"];
$KeyCode = $_REQUEST["key"];

获取请求

$Password = $_GET["password"];
$Email = $_GET["email"];
$Pin = $_GET["pin"];
$KeyCode = $_GET["key"];

或用于发布请求

$Password = $_POST["password"];
$Email = $_POST["email"];
$Pin = $_POST["pin"];
$KeyCode = $_POST["key"];

或者

"SELECT seller_id, name, email, password, verification_Pin,
verification_Code, created_Date  FROM seller WHERE email = '".$Email."'"
于 2013-09-17T05:13:07.350 回答
0

什么被退回

$Password = $_REQUEST["password"];
$Email = $_REQUEST["email"];
$Pin = $_REQUEST["pin"];
$KeyCode = $_REQUEST["key"];

您的服务器配置可能禁用了此选项并且不返回任何内容。

无论如何,您都不应该使用 $_REQUEST,因为您永远无法确定数据的实际来源:$_POST、$_GET 或 $_cookie。

于 2013-09-17T05:10:39.360 回答