I want to let only Mobile App (iOS) to let data from my server side PHP Script
I used HTTP_USER_AGENT here
$userAgent = $_SERVER['HTTP_USER_AGENT'];
It shows App Name, CF Network Info, Darwin OS Info
I got some info regarding HTTP transmission info utilizing this. But i need more detail.
Is there any way to get more details info regarding my app & only accept Mobile App (iOS) to get data from server side PHP script?
About the only decent way to lock your server-side scripts to only mobile devices running your app is to implement HTTPS with client certificate validation.
Beyond this, anything that would indicate a device is running iOS could easily be sent from any device. The most obvious case here is running Safari on the device and accessing your scripts from there.
We came across this problem in our app as well. Turns out the solution is actually quite simple.
There are only two steps:
1) Generate MD5 secret key once and store in app as a string (any MD5 key generate will do)
2) When making a POST (don't use GET, more safer) request to the web service, pass along this secret key
After you do that, your web service will know that the request was made from the app.
This method also has an extra benefits.
Let say you have two version of your app, paid and free, using a different MD5 secret key for each, you can identify whether it was the free or paid version that made the request.
Try
$iphone = strpos($_SERVER['HTTP_USER_AGENT'],"iPhone");
returns true if the browser is used from iPhone. I m not sure whether it works with third party browsers like chrome in iPhone.
That's is not 100% possible as Mobile Apps info can be emulated into browsers. Check Firefox Plugins.
But as a small check:
function isMobileiOS($useragent){
if(stripos($useragent, 'iPod') !== false || stripos($useragent, 'iPhone') !== false || stripos($useragent, 'iPad') !== false){
return true;
}
return false;
}
$mobile = isMobileiOS($_SERVER['HTTP_USER_AGENT']);
This will catch iOS devices.
