doudengjin8251
2015-04-10 04:26
浏览 57

android和RESTful Web服务实现

I develop and a android app and associated web service. This web service will be accessed from my app only. It is not public. I have read the REST standard and understood various Http methods GET,POST,PUT...etc. For my app i use POST only

In my php code i process request and send response messages. If someone asks whether it is as per REST standard or not?. I don't' know what to say. Is there any problem in my code. The attached is my php and android code. Here i am updating address of a person from mobile to the web server. Code work ok as of now.

-- php

<?php 
$username=$_POST["username"]; 
$gyshadd=$_POST["address"];
$gyshphone=$_POST["phone"];

$connect = mysql_connect("127.0.0.1","melon","my password") or die("jothi can't' connect");
mysql_select_db("taxidata") or die("no database");

if (!empty($_POST)) 
{ 
  //check username already exists
  $query = mysql_query("SELECT * FROM drivertable WHERE userid = '$username'"); 
  $numrows = mysql_num_rows($query);

  if($numrows == 0 )
  { 
    $response["success"] = 0; 
    $response["message"] = "username doesn't'exists"; 
    die(json_encode($response)); 
  } 
  else
  { 
    //create new account
    $query = mysql_query("UPDATE drivertable SET dadd='$gyshadd', mobile='$gyshphone' WHERE userid='$username'");
    $response["success"] = 1; 
    $response["message"] = "Address update success"; 
    die(json_encode($response)); 
  } 

} 
else
{ 
  $response["success"] = 0; 
  $response["message"] = " One or both of the fields are empty "; 
  die(json_encode($response)); 
} 
mysql_close();

?>

android code executed from async task

  private static final String ADDRESS_URL = "http://www.xyz123.com/test/updateaddress.php";



List<NameValuePair> params = new ArrayList<NameValuePair>(3);
                params.add(new BasicNameValuePair("username", username));
                params.add(new BasicNameValuePair("address", daddress));
                params.add(new BasicNameValuePair("phone", phone));

 HttpClient httpclient = new DefaultHttpClient();
 HttpPost httppost = new HttpPost(ADDRESS_URL);
 httppost.setEntity(new UrlEncodedFormEntity(params));
 HttpResponse response = httpclient.execute(httppost);
 String json = EntityUtils.toString(response.getEntity());
 JSONObject myObject = new JSONObject(json);

————————

  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

2条回答 默认 最新

  • douxigai8757 2015-04-10 05:04
    已采纳

    At least for the example you gave, it can be considered RESTful. Having said that, unless you are not doing any data retrieval (GET) or resource creation (PUT), it's strange that only POST is used in your app.

    Also note that REST is not a "standard" but more of a style/best practice/pattern (see Wikipedia entry), so some deviation is fine if it fits your needs.

    Lastly, if the app does a lot of web service stuff, it may be better to use a REST library that removes most of the drudgery.

    打赏 评论
  • dtslobe4694 2015-04-10 05:05

    While I can understand that you might want to get feedbacks for your code. I'm not sure if I should answer or comment as this can end up being opinionated

    Anyhow, there are 2 concerns

    1. SQL injection, rather than putting a variable directly into SQL string. Try use something like PDO which has prepared statements
    2. Your POST in more like a form POST, which is arguably not REST. Try to send POST via a request payload. Read more about the difference here
    打赏 评论

相关推荐 更多相似问题