2

I am developing an application on android, which has a web server and a MySQL database.

The database contains the user names and the passwords.

I would like to implement the login procedure and establish a session between the android device and the web server using PHP.

Thanks in advance...

Improve this question

2 Answers 2

Reset to default
6

From your question it seems like you just want to know how to do this in php, android or not. You need to have users and passwords (hashed) stored in your DB, for instance when the user registers an account with you.

session_start(); //Start the session.  Call on every page that will have the login.
$login = $_POST['login'];
$pass = $_POST['pass'];  //Get login and password the user has sent.

if (is_valid_user($login, $pass)) {
   //If user is valid, pass them along to the next page.
   $_SESSION['logged_in_user'] = $login; //Keep track of the username in the session
}
else echo "Not a valid login";
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Are you saying that you don't need to do anything with cookies or anything else on the Android side to maintain this PHP session? Execute an http request to the server, which then creates the session. Then all subsequent http requests made to the server will use the same session automatically?
@Jakobud generally yes, PHP will emit the cookies automatically. You would only have to worry about it if the user had cookies disabled. Then it's up to you whether you want to maintain the session using GET, and more importantly you would need to keep the SID between redirects. I think cookie disabling is pretty rare nowadays.
0

Okay... so for the login action you could have something like...

session_start();

if(isLoginCorrect())
{
    $_SESSION['logged_in'] = true;
}

Where isLoginCorrect is a function which verifies the username and password are correct. Then you can have some logic in your template files with stuff like this...

<?php if($_SESSION['logged_in']): ?>
    You are logged in
<?php else: ?>
    You aren't logged in
<?php endif; ?>

Then to logout you can use, session_destroy() or unset($_SESSION['logged_in']);

Improve this answer

3 Comments

You have to do both session_destroy() and clear the session variables. See us2.php.net/manual/en/function.session-destroy.php
What about the Android side ?
The android side has nothing to do with this. Sessions are stored on the server and are invisible to the client.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.