dongruoqiong9017 2014-12-13 20:49
浏览 38
已采纳

iOS应用程序通过MySQLi登录

I'm creating an app wherein the user can access a database using PHP and MySQLi.

For creating the account I create a url string with the parameters appended on the end which is then read using $_GET in my signup.php file and added to the database (I'll be adding things like email activation later).

Two questions:

  1. Is there a problem using $_GET in this fashion? since I'm appending the email and password to the url string, I feel its not secure, but since its inside the app I'm not as sure.

  2. How should I handle the login? The way I was thinking was to use $_GET method again and using this information in a query to check for matching results then return a message which the app would pick up to log the user in.

  • 写回答

1条回答 默认 最新

  • dongre1907 2014-12-13 22:07
    关注
    1. Is there a problem using $_GET in this fashion? since I'm appending the email and password to the url string, I feel its not secure, but since its inside the app I'm not as sure.

    You're right. It's not secure. Anybody on the same wifi network as the device can see the password.

    How should I handle the login?

    Buy an SSL certificate for the server and use https. This will make what you're doing secure.

    There are no other alternatives, SSL is the way to go.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 虚幻5 UE美术毛发渲染
  • ¥15 CVRP 图论 物流运输优化
  • ¥15 Tableau online 嵌入ppt失败
  • ¥100 支付宝网页转账系统不识别账号
  • ¥15 基于单片机的靶位控制系统
  • ¥15 真我手机蓝牙传输进度消息被关闭了,怎么打开?(关键词-消息通知)
  • ¥15 装 pytorch 的时候出了好多问题,遇到这种情况怎么处理?
  • ¥20 IOS游览器某宝手机网页版自动立即购买JavaScript脚本
  • ¥15 手机接入宽带网线,如何释放宽带全部速度
  • ¥30 关于#r语言#的问题:如何对R语言中mfgarch包中构建的garch-midas模型进行样本内长期波动率预测和样本外长期波动率预测