creating a simple login

Discussion in 'iOS Programming' started by Dman90, Nov 11, 2011.

Most Liked Posts
  1. Dman90, Nov 11, 2011
    Last edited: Nov 11, 2011

    Dman90 macrumors newbie

    Joined:
    Jun 25, 2011
    #1
    Hi Guys,

    Im having difficulty setting up a simple login view.

    this is my login method:

    Code:
    -(IBAction)login:(id)sender{
   
    NSString *myURL = [ NSString stringWithFormat: @"http://www.durimmanaj.co.uk/phpconnect2.php?userID=%@&password=%@", usernameField.text, passwordField.text]; 
    
    NSData *data = [NSData dataWithContentsOfURL: [NSURL URLWithString:myURL]]; 
    
    NSString *Str = [[NSString alloc] initWithBytes: [data bytes] length:[data length] encoding: NSUTF8StringEncoding]; 
    
    
    if([Str isEqualToString:@"Wrong password"]){
        NSLog(@"LOGIN INCORRECT");}
    else {
        NSLog(@"Login SUCCESS !!!");}
   
}
    this is the php file i use to connect to the database:

    PHP:
    <?php 
    require("phpconnect.php"); 
    $con=mysql_connect($server,$usr,$pwd); 
    $db=mysql_select_db($db,$con); 
    $user=mysql_real_escape_string($_GET["userID"]); 
    $password=mysql_real_escape_string($_GET["password"]); 

    $checkPwdQuery=mysql_query("SELECT password FROM users WHERE user='$user'"); 
    $storedPwd=mysql_fetch_row($checkPwdQuery); 
    if (    $password==$storedPwd[0]){ 
    die (    'Password match');} 
    else{ 
    die (    'Wrong password');} 
    ?>
    I have tried a few different methods but don't seem to get anywhere. ANy help would be appreciated.

    Dman.
     
    share
    + Quote Reply
  2. dejo, Nov 11, 2011

    dejo Moderator

    dejo

    Staff Member

    Joined:
    Sep 2, 2004
    Location:
    The Centennial State
    #2
    You should probably provide more info on what's not working: what are you expecting to happen vs. what did happen.

    But, for now I'll leave you with this: "Wrong Password" != "Wrong password"
     
    share
    + Quote Reply
  3. subsonix, Nov 11, 2011

    subsonix macrumors 68040

    Joined:
    Feb 2, 2008
    #3
    Isn't it a better idea to use the keychain than to store user login in plain text?
     
    share
    + Quote Reply
  4. Dman90, Nov 11, 2011

    Dman90 thread starter macrumors newbie

    Joined:
    Jun 25, 2011
    #4
    well to test this, when i type the wrong password I want the 'wrong password' comment to show up. Right now for every input its always a success, because the code is set up to be a success for anything other then the wrong password. This tells me its not working.
     
    share
    + Quote Reply
  5. subsonix, Nov 11, 2011

    subsonix macrumors 68040

    Joined:
    Feb 2, 2008
    #5
    Switch the order then. ;)

    Code:
        if([Str isEqualToString:@"Correct password"]){
        NSLog(@"Login SUCCESS !!!");}
    else {
        NSLog(@"LOGIN INCORRECT");}
     
    share
    + Quote Reply
  6. Dman90, Nov 11, 2011

    Dman90 thread starter macrumors newbie

    Joined:
    Jun 25, 2011
    #6
    I don't think you understand. the order itself is irrelevant.

    I don't think that the database link is working, and does anyone know why from looking at the PHP code.

    dman.
     
    share
    + Quote Reply
  7. chown33, Nov 11, 2011

    chown33 macrumors 604

    Joined:
    Aug 9, 2009
    Location:
    Sailing beyond the sunset
    #7
    If you're trying to debug your PHP code, you're on the wrong forum. Consider asking your PHP-related question on the Web Development forum.


    What testing have you done on your PHP code? As a test, enter this command-line in Terminal:
    Code:
    curl "http://www.durimmanaj.co.uk/phpconnect2.php?userID=BLACK_KNIGHT&password=NONE_MAY_PASS"
    What does the output say? Is it one of your expected strings? If your PHP code is working, it should be, because the 'curl' command is making the same kind of HTTP request as your Objective-C code.

    If the output isn't one of your expected strings, then what does the output tell you?

    You need to test your PHP code separate from the iOS code. The curl command can do some of this, for many simple queries. I suggest reading its man page and trying it out with a name and password that you have in your database.


    Finally, the security design of this code is awful. You're sending a password in cleartext, over an unencrypted connection. I hope it's not protecting anything of consequence.
     
    share
    + Quote Reply
(You must log in or sign up to post here.)

Share This Page