1

I am creating an iPhone app which sends a username and password to a php script, the php script then looks in a mySQL database for the values and sets a boolean to either 0 or 1, depending on whether or not the user should be authenticated. I really have no idea where to start or even what I should Google to look into how to do this.

Is this feasible? Is this the proper way to authenticate a user in an iOS app?

Thanks!

Improve this question
6
  • 1
    Yes, this can be done, it may even be relatively secure if you use HTTPS and don't pass username/password in clear text. But what is your question? How to build the back-end server program? Commented Feb 22, 2012 at 16:38
  • Well I have the iOS part done, which sends the username and password to the php script. The script is then able to connect to my database and look through to see if those values exist. Once it either finds the correct username/password it sets the boolean or it continues to then of the DB... So I have all of that done. I need to know how to send the authentication boolean back to tell the iOS app whether or not the username/password exists in the DB. Commented Feb 22, 2012 at 16:41
  • Regardless of the technology you use (PHP/MySQL or JAVA/MySQL or PHP/PostgreSQL), in general, the procedure is correct. You always need a communication between a client (the iPhone in your case) and the server. Commented Feb 22, 2012 at 16:46
  • Right, so how can the server send a message back to the client? The iPhone needs to know whether or not the user was authenticated to make its next decision. Commented Feb 22, 2012 at 16:47
  • you can do that by generating XML or JSON and then reading the content from it. check my answer for the explanation. Commented Feb 22, 2012 at 16:55

4 Answers 4

Reset to default
1

There are various types to achieve this.

a) Generate an XML or JSON file in PHP, and read the content back in iOS. (this method gives you the benefit of fetching any extra data if you want).

b) Send back HTTP header() from PHP, and read the HTTP response code. you can do something like this.

function checkLogin()
{
    //Check login
    if($login == true) {
        header('HTTP/1.1 200 OK');
    } else {
        header('HTTP/1.1 401 Unauthorized');
    }
}

c) You can output anything in PHP(plain text, JSON, HTML etc.), as the output generated by PHP will be received as HTTP response.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

If I just wanted to get the '1' or '0' from the output and not all the html that goes with it, do I need to write the 1 (or 0) to another location?
0

Anything the PHP script outputs will be returned as the HTTP response. Simply output something meaningful, and read it in the client.

Improve this answer

1 Comment

Are you aware of how the iOS app uses that information or even reads it?
0

The simplest solution would be to use HTTP status codes. Then you don't even have to care about the response body.

If authenticated: "HTTP 200 OK"
If unauthorized: "HTTP 401 Unauthorized"

Resource: http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html

Improve this answer

1 Comment

No idea, but that's how I would do it on server side.
0

You can write a php script like this:

<?php

// the authentication procedures memorized in the $authentication variable the result of authentication process. Supposed to be 1 if successful

echo $authentication;

?>

Call this script from your iOS by using an NSURLRequest object for example.

P.S.: However, for data exchange between the client and the server you should use the JSON format.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.