dongruoqiong9017 2014-12-13 20:49
浏览 38
已采纳

iOS应用程序通过MySQLi登录

I'm creating an app wherein the user can access a database using PHP and MySQLi.

For creating the account I create a url string with the parameters appended on the end which is then read using $_GET in my signup.php file and added to the database (I'll be adding things like email activation later).

Two questions:

  1. Is there a problem using $_GET in this fashion? since I'm appending the email and password to the url string, I feel its not secure, but since its inside the app I'm not as sure.

  2. How should I handle the login? The way I was thinking was to use $_GET method again and using this information in a query to check for matching results then return a message which the app would pick up to log the user in.

  • 写回答

1条回答 默认 最新

  • dongre1907 2014-12-13 22:07
    关注
    1. Is there a problem using $_GET in this fashion? since I'm appending the email and password to the url string, I feel its not secure, but since its inside the app I'm not as sure.

    You're right. It's not secure. Anybody on the same wifi network as the device can see the password.

    How should I handle the login?

    Buy an SSL certificate for the server and use https. This will make what you're doing secure.

    There are no other alternatives, SSL is the way to go.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥30 这是哪个作者做的宝宝起名网站
  • ¥60 版本过低apk如何修改可以兼容新的安卓系统
  • ¥25 由IPR导致的DRIVER_POWER_STATE_FAILURE蓝屏
  • ¥50 有数据,怎么建立模型求影响全要素生产率的因素
  • ¥50 有数据,怎么用matlab求全要素生产率
  • ¥15 TI的insta-spin例程
  • ¥15 完成下列问题完成下列问题
  • ¥15 C#算法问题, 不知道怎么处理这个数据的转换
  • ¥15 YoloV5 第三方库的版本对照问题
  • ¥15 请完成下列相关问题!