dongqian6554 2016-08-03 04:19
浏览 55
已采纳

如何在一个在线服务器上运行php程序

I have some php files that freely run on my online PHP,MySQL server. As an example if it concern about addUser.php (here is that code) 

<?php
if($_SERVER['REQUEST_METHOD']=='POST'){

$name = $_POST['name'];
$email = $_POST['email'];
...

$sql = "INSERT INTO users (name,email,...) VALUES ('$name','$email',...)";

require_once('DbConnect.php');

if(mysqli_query($con,$sql)){
        echo 'User Added Successfully';
 }else{
       echo 'Could Not Add User';
 }

 mysqli_close($con);
 }

I have coded my ANDROID Application to access this type of php file by StringRequest using URL

http://www.***.com/addUser.php

and pass the parameters using HashMaps

So, I want to know how is this php file runs when android user access it, and what will occur when thousands of android users started accessing this php file and started to insert data into my online server Database concurrently. And if there is a problem occur what is the solution for it?

I just want to know is it a problem occur when many users try the same php file at same time?? I mean we use synchronizing in multi-threading to prevent occuring a problem when many users use the same at sametime. As in that way is there will a problem occur when thousands of users adding data through this php file

  • 写回答

2条回答 默认 最新

  • 普通网友 2016-08-03 04:35
    关注

    Lets assume you're going to keep using this script.

    1. You must stop duplicate emails being inserted

    Run a select * from users where email = '$email' before inserting the user. If the results.length == 0, insert the user, if not return an error.

    1. Validate the incoming POST data

    Here you should do some basic validation:

    $name = $_POST['name'];
$email = $_POST['email'];
// Do some checks here which will validate the email

    See the following page for a more in depth look into validating:

    http://php.net/manual/en/filter.examples.validation.php

    Other than that there are some floors

    1. You should make users use a password
      • The password should also be hashed
    2. SQL injection

    One more thing, maybe have a look at other examples. E.g

    http://www.tutorialspoint.com/php/php_login_example.htm

    Edit:

    Seems like you want to implement a google login (based on your comment).

    Here's how I'd do it:

    1. On the client (app), the user would login to there google acc.
    2. In return we would get there accountId and an OAUTH token
    3. We would then send the token + OAUTH token to our PHP server.
    4. The php server would then use a google php library to validate the OAUTH token that we retrieved from the client.
    5. The library would then return information on that user including there google id and other relevant information that was requested.
    6. Check to see if the user has an account by cross checking the google id returned against our database.
      • Select * from dbTABLENAME where googleId =
    7. IF there was nothing returned in step 6, we would then store the googleId + other information (email) in our own database, IF THERE WAS something returned in step 6, we'd return some sort of token to the client that would be used to validate all other requests

    This link will help ->

    http://phppot.com/php/php-google-oauth-login/

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥30 vmware exsi重置后登不上
  • ¥15 易盾点选的cb参数怎么解啊
  • ¥15 MATLAB运行显示错误,如何解决?
  • ¥15 c++头文件不能识别CDialog
  • ¥15 Excel发现不可读取的内容
  • ¥15 关于#stm32#的问题:CANOpen的PDO同步传输问题
  • ¥20 yolov5自定义Prune报错,如何解决?
  • ¥15 电磁场的matlab仿真
  • ¥15 mars2d在vue3中的引入问题
  • ¥50 h5唤醒支付宝并跳转至向小荷包转账界面