-3
사용자 이름과 비밀번호를 입력하는 로그인 양식이 있습니다.Android MySQL 사용자가 관리자인지 확인하십시오.
은 무엇 내가 달성하고자하는 것은 :
• 확인 사용자가 관리자, 관리자, 일반 사용자의 경우.
• 그런 다음 나는 건배/사용자가 관리자/관리자/일반 사용자임을 에코 표시됩니다
이는 로그인 양식에 대한 내 전류 소스 코드입니다.
import android.content.Context;
import android.content.Intent;
import android.content.SharedPreferences;
import android.os.Bundle;
import android.support.v4.app.Fragment;
import android.util.Log;
import android.view.LayoutInflater;
import android.view.View;
import android.view.ViewGroup;
import android.widget.Button;
import android.widget.EditText;
import android.widget.Toast;
import com.android.volley.AuthFailureError;
import com.android.volley.Request;
import com.android.volley.RequestQueue;
import com.android.volley.Response;
import com.android.volley.VolleyError;
import com.android.volley.toolbox.StringRequest;
import com.android.volley.toolbox.Volley;
import java.util.HashMap;
import java.util.Map;
public class TwoFragment extends Fragment{
View view;
Button reg;
//Defining views
private EditText editTextEmail;
private EditText editTextPassword;
private Button buttonLogin;
//boolean variable to check user is logged in or not
//initially it is false
private boolean loggedIn = false;
public TwoFragment() {
// Required empty public constructor
}
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
}
@Override
public View onCreateView(LayoutInflater inflater, ViewGroup container,
Bundle savedInstanceState) {
// Inflate the layout for this fragment
view = inflater.inflate(R.layout.fragment_two, container, false);
reg = (Button) view.findViewById(R.id.button);
buttonLogin = (Button) view.findViewById(R.id.btnsignin);
buttonLogin.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View view) {
login();
}
});
editTextEmail = (EditText) view.findViewById(R.id.txtemail);
editTextPassword = (EditText) view.findViewById(R.id.editText);
reg.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View view) {
Intent i = new Intent(getActivity(), managerreg.class);
startActivity(i);
}
});
return view;
}
@Override
public void onResume() {
super.onResume();
//In onresume fetching value from sharedpreference
SharedPreferences sharedPreferences = getContext().getSharedPreferences(Config.SHARED_PREF_NAME, Context.MODE_PRIVATE);
//Fetching the boolean value form sharedpreferences
loggedIn = sharedPreferences.getBoolean(Config.LOGGEDIN_SHARED_PREF, false);
//If we will get true
if(loggedIn){
//We will start the Profile Activity
Intent intent = new Intent(getActivity(), MainActivity.class);
startActivity(intent);
}
}
private void login(){
//Getting values from edit texts
final String username = editTextEmail.getText().toString().trim();
final String password = editTextPassword.getText().toString().trim();
//Creating a string request
StringRequest stringRequest = new StringRequest(Request.Method.POST, Config.LOGIN_URL,
new Response.Listener<String>() {
@Override
public void onResponse(String response) {
//If we are getting success from server
if(response.equalsIgnoreCase(Config.LOGIN_SUCCESS)){
//Creating a shared preference
SharedPreferences sharedPreferences = getActivity().getSharedPreferences(Config.SHARED_PREF_NAME, Context.MODE_PRIVATE);
//Creating editor to store values to shared preferences
SharedPreferences.Editor editor = sharedPreferences.edit();
//Adding values to editor
editor.putBoolean(Config.LOGGEDIN_SHARED_PREF, true);
editor.putString(Config.USERNAME_SHARED_PREF,username);
//Saving values to editor
editor.commit();
//Starting profile activity
Intent intent = new Intent(getActivity(), MainActivity.class);
startActivity(intent);
}else{
//If the server response is not success
//Displaying an error message on toast
Toast.makeText(getActivity(), "Invalid username or password", Toast.LENGTH_LONG).show();
}
}
},
new Response.ErrorListener() {
@Override
public void onErrorResponse(VolleyError error) {
//You can handle error here if you want
}
}){
@Override
protected Map<String, String> getParams() throws AuthFailureError {
Map<String,String> params = new HashMap<>();
//Adding parameters to request
params.put(Config.KEY_USERNAME, username);
params.put(Config.KEY_PASSWORD, password);
//returning parameter
return params;
}
};
//Adding the string request to the queue
RequestQueue requestQueue = Volley.newRequestQueue(getActivity().getApplicationContext());
requestQueue.add(stringRequest);
}
}
이 현재 PHP이다 : 나는 사용자가 관리자인지 아닌지 확인하는 방법을 모르는
<?php
if($_SERVER['REQUEST_METHOD']=='POST'){
$username = $_POST['username'];
$password = $_POST['password'];
require_once('dbConnect.php');
$sql = "SELECT * FROM managerreg WHERE username = '$username' AND password = BINARY '".md5($_POST['password'])." ";
$result = mysqli_query($con,$sql);
$check = mysqli_fetch_array($result);
if(isset($check)){
echo 'success';
}else{
echo 'failure';
}
}
.
무엇이 문제인지 말할 수 있습니까? – Alagunto
Btw, 귀하의 PHP 코드는 SQLInj에 취약합니다. 누군가가 자신의 사용자 이름 안에 '<-이 숯을 넣으면 곤란을 겪습니다. http://bobby-tables.com/ – Alagunto
사용자가 관리자인지 확인하는 방법을 모르겠습니다. –