我正在尝试为我的应用编写注册系统,但它不起作用,我不知道为什么。
我在php中编写了一个api,它包含3个文件:
这里是index.php
<?php
require_once 'Functions.php';
$func = new Functions();
if($_SERVER["REQUEST_METHOD"] == 'POST'){
$data = json_decode(file_get_contents("php://input"));
if(isset($data -> operation)){
$operation = $data -> operation;
if(!empty($operation)){
if($operation == 'register'){
if(isset($data -> user) && !empty($data -> user) && isset($data -> user -> firstname) && isset($data -> user ->lastname) && isset($data -> user -> birthday) && isset($data -> user -> gender) && isset($data -> user -> email) && isset($data -> user -> username) && isset($data -> user -> password)){
$user = $data -> user;
$firstname = $user -> firstname;
$lastname = $user -> lastname;
$birthday = $user -> birthday;
$gender = $user -> gender;
$email = $user -> email;
$username = $user -> username;
$password = $user -> password;
if($func -> isEmailValid($email)){
echo $func -> registerUser($firstname, $lastname, $gender, $birthday, $email, $username, $password);
}else{
echo $func -> getMsgInvalidEmail();
}
}else{
echo $func -> getMsgInvalidParam();
}
}else if($operation == 'login'){
if(isset($data -> user) && !empty($data -> user) && isset($data -> user -> email) && isset($data -> user -> password)){
$user = $data -> user;
$email = $user -> email;
$password = $user -> password;
echo $func -> loginUser($email, $password);
}else{
echo $func -> getMsgInvalidParam();
}
}else if($operation == 'chgPass'){
if(isset($data -> user) && !empty($data -> user) && isset($data -> user -> email) && isset($data -> user -> old_password) && isset($data -> user -> new_password)){
$user = $data -> user;
$email = $user -> email;
$old_password = $user -> old_password;
$new_password = $user -> new_password;
echo $func -> changePassword($email, $old_password, $new_password);
}else{
echo $func -> getMsgInvalidParam();
}
}
}else{
echo $func -> getMsgParamNotEmpty();
}
}else{
echo $func -> getMsgInvalidParam();
}
}else if($_SERVER["REQUEST_METHOD"] == "GET"){
echo "Raivel Login API";
}
Functions.php:
<?php
require_once 'DBOperations.php';
class Functions{
private $db;
public function _construct(){
$this -> db = new DBOperations();
}
public function registerUser($firstname, $lastname, $gender, $birthday, $email, $username, $password){
$db = $this -> db;
if(!empty($firstname) && !empty($lastname) && !empty($gender) && !empty($birthday) && !empty($email) && !empty($username) && !empty($password)){
if($db -> checkUserExist($email)){
$response["result"] = "failure";
$response["message"] = "User already registered!";
return json_encode($response);
}else{
$result = $db -> insertData($firstname, $lastname, $gender, $birthday, $email, $username, $password);
if($result){
$response["result"] = "success";
$response["message"] = "User registered successfully!";
return json_decode($response);
}else{
$response["result"] = "failure";
$response["message"] = "Registration failure!";
return json_decode($response);
}
}
}else{
return $this -> getMsgParamNotEmpty();
}
}
public function loginUser($email, $password){
$db = $this -> db;
if(!empty($email) && !empty($password)){
if($db -> checkUserExist($email)){
$result = $db -> checkLogin($email, $password);
if(!$result){
$response["result"] = "failure";
$response["message"] = "Invaild login credentials";
return json_encode($response);
}else{
$response["result"] = "success";
$response["message"] = "Login successful";
$response["user"] = $result;
return json_encode($response);
}
}else{
$response["result"] = "failure";
$response["message"] = "Invaild Login Credentials!";
return json_encode($response);
}
}else{
return $this -> getMsgParamNotEmpty();
}
}
public function changePassword($email, $old_password, $new_password){
$db = $this -> db;
if(!empty($email) && !empty($old_password) && !empty($new_password)){
if(!$db -> checkLogin($email, $old_password)){
$response["result"] = "failure";
$response["message"] = 'Invalid old password!';
return json_encode($response);
}else{
$result = $db -> changePassword($email, $new_password);
if($result) {
$response["result"] = "success";
$response["message"] = "Password changed successfully!";
return json_encode($response);
} else {
$response["result"] = "failure";
$response["message"] = 'Error updating password!';
return json_encode($response);
}
}
}else{
return $this -> getMsgParamNotEmpty();
}
}
public function isEmailValid($email){
return filter_var($email, FILTER_VALIDATE_EMAIL);
}
public function getMsgParamNotEmpty(){
$response["result"] = "failure";
$response["message"] = "Parameters should not be empty!";
return json_encode($response);
}
public function getMsgInvalidEmail(){
$response["result"] = "failure";
$response["message"] = "Invalid email!";
return json_encode($response);
}
}
DBOperations.php:
<?php
class DBOperations{
private $host = '*****';
private $user = '*****';
private $db = '*****';
private $pass = '*****';
private $conn;
public function _construct(){
$this -> conn = new PDO("mysql:host=".$this->host.";dbname=".$this -> db, $this -> user, $this -> pass, array('charset' => 'utf8'));
$this -> conn -> query("SET CHARACTER SET utf8");
}
public function insertData($firstname, $lastname, $gender, $birthday, $email, $username, $password){
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
$sql = 'INSERT INTO users SET firstname=:firstname, lastname=:lastname, gender=:gender, birthday=:birthday, email=:email, password=:hashedPassword, username=:username, joining_date = now()';
$query = $this ->conn->prepare($sql);
$query -> execute(array(':firstname' => $firstname, ':lastname' => $lastname, ':gender' => $gender, ':birthday' => $birthday, ':email' => $email, ':username' => $username, ':hashedPassword' => $hashedPassword));
if($query){
return true;
}else{
return false;
}
}
public function checkLogin($email, $password){
$sql = 'SELECT * FROM users WHERE email= :email';
$query = $this -> conn -> prepare($sql);
$query -> execute(array(':email' => $email));
$data = $query -> fetchObject();
$db_password = $data -> password;
if ($hashedPasswordCheck = password_verify($password, $db_password)) {
$user["username"] = $data -> username;
$user["email"] = $data -> email;
return $user;
} else {
return false;
}
}
public function changePassword($email, $password){
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
$sql = 'UPDATE users SET password = :hashedPassword WHERE email = :email';
$query = $this -> conn -> prepare($sql);
$query -> execute(array(':email' => $email, ':hashedPassword' => $hashedPassword));
if ($query) {
return true;
} else {
return false;
}
}
public function checkUserExist($email){
$sql = 'SELECT COUNT(*) from users WHERE email =:email';
$query = $this -> conn -> prepare($sql);
$query -> execute(array('email' => $email));
if($query){
$row_count = $query -> fetchColumn();
if ($row_count == 0){
return false;
} else {
return true;
}
} else {
return false;
}
}
}
现在的android文件:
package de.novee.apps.raivel.register;
import android.content.Intent;
import android.os.Bundle;
import android.support.annotation.Nullable;
import android.support.v7.app.AppCompatActivity;
import android.support.v7.widget.Toolbar;
import android.support.design.widget.Snackbar;
import android.util.Log;
import android.view.MenuItem;
import android.view.View;
import android.widget.Button;
import android.widget.EditText;
import android.widget.ProgressBar;
import de.novee.apps.raivel.LandingActivity;
import de.novee.apps.raivel.R;
import de.novee.apps.raivel.login.LoginActivity;
import de.novee.apps.raivel.loginregistration.Constants;
import de.novee.apps.raivel.loginregistration.RequestInterface;
import de.novee.apps.raivel.models.ServerRequest;
import de.novee.apps.raivel.models.ServerResponse;
import de.novee.apps.raivel.models.User;
import retrofit2.Call;
import retrofit2.Callback;
import retrofit2.Response;
import retrofit2.Retrofit;
import retrofit2.converter.gson.GsonConverterFactory;
public class RegisterSecondActivity extends AppCompatActivity {
Intent i;
View myView;
String firstname;
String lastname;
String birthday;
String gender;
String email;
String username;
String password;
String password_repeat;
private EditText et_email;
private EditText et_username;
private EditText et_password;
private EditText et_password_repeat;
private ProgressBar progress;
@Override
protected void onCreate(@Nullable Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_register_second);
myView = findViewById(android.R.id.content);
i = getIntent();
firstname = i.getExtras().getString("firstname");
lastname = i.getExtras().getString("lastname");
birthday = i.getExtras().getString("birthday");
gender = i.getExtras().getString("gender");
overridePendingTransition(0, 0);
Toolbar toolbar = (Toolbar) findViewById(R.id.toolbar_register_second);
setSupportActionBar(toolbar);
getSupportActionBar().setDisplayHomeAsUpEnabled(true);
getSupportActionBar().setDisplayShowHomeEnabled(true);
getSupportActionBar().setTitle("Registrierung");
toolbar.setTitleTextColor(getResources().getColor(R.color.color_white));
initViews(myView);
setupRegisterUser();
setupGoToLoginButton();
}
private void initViews(View view){
et_email = (EditText) findViewById(R.id.et_email);
et_username = (EditText) findViewById(R.id.et_username);
et_password = (EditText) findViewById(R.id.et_password);
et_password_repeat = (EditText) findViewById(R.id.et_password_repeat);
progress = (ProgressBar)view.findViewById(R.id.progress);
}
@Override
public boolean onOptionsItemSelected(MenuItem item) {
if(item.getItemId() == android.R.id.home){
startActivity(new Intent(RegisterSecondActivity.this, RegisterFirstActivity.class));
}
return super.onOptionsItemSelected(item);
}
private void setupRegisterUser(){
Button btn_registerUser = (Button) findViewById(R.id.btn_register_final);
btn_registerUser.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View view) {
email = et_email.getText().toString();
username = et_username.getText().toString();
password = et_password.getText().toString();
password_repeat = et_password_repeat.getText().toString();
if(!firstname.isEmpty() && !lastname.isEmpty() && !birthday.isEmpty() && !gender.isEmpty() && !email.isEmpty() &&
!username.isEmpty() && !password.isEmpty() && !password_repeat.isEmpty()){
if(password.equals(password_repeat)){
progress.setVisibility(View.VISIBLE);
registerProcess(firstname,lastname,birthday,gender,email,username,password);
}else{
Snackbar.make(myView, "Passwörter müssen gleich sein!", Snackbar.LENGTH_LONG).show();
}
}else{
Snackbar.make(view, "Felder dürfen nicht leer sein!", Snackbar.LENGTH_LONG).show();
}
}
});
}
private void setupGoToLoginButton(){
Button gotoLoginButton = (Button) findViewById(R.id.btn_gotologin);
gotoLoginButton.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View view) {
startActivity(new Intent(RegisterSecondActivity.this, LoginActivity.class));
}
});
}
private void registerProcess(String firstname, String lastname, String birthday, String gender, String email, String username, String password){
Retrofit retrofit = new Retrofit.Builder()
.baseUrl(Constants.BASE_URL)
.addConverterFactory(GsonConverterFactory.create())
.build();
RequestInterface requestInterface = retrofit.create(RequestInterface.class);
User user = new User();
user.setFirstname(firstname);
user.setLastname(lastname);
user.setBirthday(birthday);
user.setGender(gender);
user.setEmail(email);
user.setUsername(username);
user.setPassword(password);
ServerRequest request = new ServerRequest();
request.setOperation(Constants.REGISTER_OPERATION);
request.setUser(user);
Call<ServerResponse> response = requestInterface.operation(request);
response.enqueue(new Callback<ServerResponse>(){
@Override
public void onResponse(Call<ServerResponse> call, retrofit2.Response<ServerResponse> response) {
ServerResponse resp = response.body();
Snackbar.make(myView, resp.getMessage(), Snackbar.LENGTH_LONG).show();
progress.setVisibility(View.INVISIBLE);
}
@Override
public void onFailure(Call<ServerResponse> call, Throwable t) {
progress.setVisibility(View.INVISIBLE);
Log.d(Constants.TAG,t.getLocalizedMessage());
Snackbar.make(myView, t.getLocalizedMessage(), Snackbar.LENGTH_LONG).show();
}
});
}
}
ServerRequest.java:
package de.novee.apps.raivel.models;
public class ServerRequest {
private String operation;
private User user;
public void setOperation(String operation) {
this.operation = operation;
}
public void setUser(User user) {
this.user = user;
}
}
ServerResponse.java
package de.novee.apps.raivel.models;
public class ServerResponse {
private String result;
private String message;
private User user;
public String getResult() {
return result;
}
public String getMessage() {
return message;
}
public User getUser() {
return user;
}
}
RequestInterface:
package de.novee.apps.raivel.loginregistration;
import de.novee.apps.raivel.models.ServerRequest;
import de.novee.apps.raivel.models.ServerResponse;
import retrofit2.Call;
import retrofit2.http.Body;
import retrofit2.http.POST;
public interface RequestInterface {
@POST("apps/raivel/android_api/")
Call<ServerResponse> operation(@Body ServerRequest request);
}
User.java:
package de.novee.apps.raivel.models;
public class User {
private String firstname;
private String lastname;
private String gender;
private String birthday;
private String email;
private String username;
private String password;
private String oldPassword;
private String newPassword;
public String getFirstname() {
return firstname;
}
public void setFirstname(String firstname) {
this.firstname = firstname;
}
public String getLastname() {
return lastname;
}
public void setLastname(String lastname) {
this.lastname = lastname;
}
public String getGender() {
return gender;
}
public void setGender(String gender) {
this.gender = gender;
}
public String getBirthday() {
return birthday;
}
public void setBirthday(String birthday) {
this.birthday = birthday;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getOldPassword() {
return oldPassword;
}
public void setOldPassword(String oldPassword) {
this.oldPassword = oldPassword;
}
public String getNewPassword() {
return newPassword;
}
public void setNewPassword(String newPassword) {
this.newPassword = newPassword;
}
}
我失败了&#39;在日志中点击并在应用程序中注册我得到小吃栏消息&#39;在第1行第1列&#39;输入结束。
我的php文件保存在我的网站www.novee.de/apps/raivel/android_api /..'
还有一个Constants.java文件,但我认为发布它并不重要。我知道这是很多代码,但我正在寻找解决方案,因为几天甚至几周都找不到。所以我希望你们能花点时间帮助我理解这个错误。
如果我对这篇文章说错了,请告诉我。
答案 0 :(得分:1)
在创建时删除密码哈希中的salt。
使用password_hash时需要使用盐,这是在password_hash内部处理的。
盐是随机的,并在创建时使用密码(password_hash)进行连接,但在验证时没有使用密码(password_verify),因此无法匹配。
PHP 5.5提供a native password hashing API,以安全的方式安全地处理hashing和verifying passwords。