I'm sending an email in background with a fixed gmail email address (public static final String EMAIL = "abc#gmail.com" and a fixed password (public static final String PASSWORD = "abcd". Now I want to change that. The user should be able to change the email address and send the email with his personal one.
Unfortunately I wasn't that successful in reseach.
Any help is appreciated!
Thanks in advance!
I didn't understand what you mean by Email eligible.
If you mean eligible(valid) Email address then use this method
private boolean isValidEmaillId(String email){
return Pattern.compile("^(([\\w-]+\\.)+[\\w-]+|([a-zA-Z]{1}|[\\w-]{2,}))#"
+ "((([0-1]?[0-9]{1,2}|25[0-5]|2[0-4][0-9])\\.([0-1]?"
+ "[0-9]{1,2}|25[0-5]|2[0-4][0-9])\\."
+ "([0-1]?[0-9]{1,2}|25[0-5]|2[0-4][0-9])\\.([0-1]?"
+ "[0-9]{1,2}|25[0-5]|2[0-4][0-9])){1}|"
+ "([a-zA-Z]+[\\w-]+\\.)+[a-zA-Z]{2,4})$").matcher(email).matches();
}
i didn't get your question. maybe this will help.
In Android, non-static final variables can be assigned a value either in constructor or with the declaration. But, static final variables cannot be assigned value in constructor; they must be assigned a value with their declaration.
For Checking Email Address pattern
public final static boolean isValidEmail(CharSequence myEmail) {
return !TextUtils.isEmpty(myEmail) && android.util.Patterns.EMAIL_ADDRESS.matcher(myEmail).matches();
}
Related
I want to create some code in my sign up activity which let people use only one email adress with a specific domain.
For example user on the registration form can use only email which domain is
: #ubu.com
otherwise people can not register with other email.
Thank you.
Assuming you want to validated the email domain in Client End only.
Use a regular expression. This expression validates any given string as email and checks if it's domain name matches .edu.com
"^(([\\w-]+\\.)+[\\w-]+|([a-zA-Z]{1}|[\\w-]{2,}))#" + "(edu\\.com)$"
Test method:
public boolean isEmailValid(String email) {
String regEx = "^(([\\w-]+\\.)+[\\w-]+|([a-zA-Z]{1}|[\\w-]{2,}))#"
+ "(edu\\.com)$";
Pattern pattern = Pattern.compile(regEx, Pattern.CASE_INSENSITIVE);
Matcher matcher = pattern.matcher(email);
return matcher.matches();
}
Now validate each email address before signing up.
I have an activity with text edits one for name, email and password and a button that take the user to next activity.
The problem is that even if the user entered a invalid email address he still can go to second activity, I want the email address to be checked than if he entered a valid email address he can go to second activity, if not a toast message appears says INVALID EMAIL ADDRESS.
I am working with KOTLIN but I can work also with java.
Please can anyone guide me on how I can do it ?
Thanks in advance.
There is an interesting Java Library that you can use to test if an E-mail is valid or not.
Here is the Gradle dependency:
implementation group: 'commons-validator', name: 'commons-validator', version: '1.6'
Here is how you would validate an e-mail string:
First, capture the value of the editText into a String object.
Then you can use the following pattern to capture a Boolean value that tells if the user has entered a Valid E-mail address.
String email = "user#domain.com";
Now, you can use the E-mail Validator:
boolean isValid = EmailValidator.getInstance().isValid(email);
This is the easiest way I found.
I hope that helps!
fun isEmailValid(email: String): Boolean {
return Pattern.compile(
"^(([\\w-]+\\.)+[\\w-]+|([a-zA-Z]|[\\w-]{2,}))#"
+ "((([0-1]?[0-9]{1,2}|25[0-5]|2[0-4][0-9])\\.([0-1]?"
+ "[0-9]{1,2}|25[0-5]|2[0-4][0-9])\\."
+ "([0-1]?[0-9]{1,2}|25[0-5]|2[0-4][0-9])\\.([0-1]?"
+ "[0-9]{1,2}|25[0-5]|2[0-4][0-9]))|"
+ "([a-zA-Z]+[\\w-]+\\.)+[a-zA-Z]{2,4})$"
).matcher(email).matches()
}
We have simple Email pattern matcher now
private static boolean isValidEmail(String email) {
return !TextUtils.isEmpty(email) && android.util.Patterns.EMAIL_ADDRESS.matcher(email).matches();
}
I've seen solutions here to validate whether an email address is formatted correctly, however I would like to check if an email address uses a specific domain such as "#gmail.com". The example I am referring to which validates email address format in general is:
public final static boolean isValidEmail(CharSequence target) {
if (TextUtils.isEmpty(target)) {
return false;
} else {
return android.util.Patterns.EMAIL_ADDRESS.matcher(target).matches();
}
}
You might use endsWith and use #gmail.com like:
"test#gmail.com".endsWith("#gmail.com")
Or use a regex like ^\S+#gmail\.com$
Details
^ Assert position at the start of the line
\S+ Match any non whitespace characters one or more times
#gmail\.com match #gmail.com
$ Assert position at the end of the line
For example
if ("test#gmail.com".matches("^\\S+#gmail\\.com$")) {
System.out.println("Match!");
}
Demo Java
You could make use of regex.
Pattern p = Pattern.compile(".*#gmail\.com");
Matcher m = p.matcher("hello#gmail.com");
boolean b = m.matches();
The simplest solution would be checking if the email contains the specified domain. Later you could add a regex or even a dictionary to store the different domains, instead of using one method for each individual domain.
private boolean isFromGmailDomain(String email, String domain)
{
return email.contains(domain);
}
You could make use of regex.
You can check regex https://www.regextester.com/94044
^[a-zA-Z0-9_.+-]+#(?:(?:[a-zA-Z0-9-]+.)?[a-zA-Z]+.)?(domain.in|domain2.com)
I'm developing an Android app and one of my tasks is to check the strength of a password.
Are there any built-in functions for checking the strength of a password?
In order to answer the question, there is no Android function to do this, the closest and best way is to use regex as Mkyong suggested on his blog:
private Pattern pattern;
private Matcher matcher;
private static final String PASSWORD_PATTERN =
"((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[##$%]).{6,20})";
public PasswordValidator(){
pattern = Pattern.compile(PASSWORD_PATTERN);
}
/**
* Validate password with regular expression
* #param password password for validation
* #return true valid password, false invalid password
*/
public boolean validate(final String password){
matcher = pattern.matcher(password);
return matcher.matches();
}
If you dont't want to use external libs.. you can check it yourself.. Something like this:
public void onSubmitClicked(View v)
{
String pass = passwordEditText.getText().toString();
if(TextUtils.isEmpty(pass) || pass.length < [YOUR MIN LENGTH])
{
passwordEditText.setError("You must more characters in your password");
return;
}
if(....){
// do other controls here
}
}
Sounds like you need an external library such as http://code.google.com/p/vt-middleware/wiki/vtpassword etc.
Or it is simple enough to code up something like checking how long it is, what characters it has etc and printing out different things based on that.
If say a user had a 10 length password and some upper case characters you could increment some password strength parameter based on this, rewarding more complex passwords. You can set teh thresholds yourself.
Should I paste the actual public key of my app right into the value of this variable?
Or should I encode it and then whatever the encoded string is, I'd make that string into the value of this variable?
Which should it be?
The public key present in your Android Developer Console (which can be found under 'Edit Profile') is already Base64 encoded. Just copy paste the content of the key in your source file. For example, if you have something like this:
Then in your Security.java:
String base64EncodedPublicKey = "MIIBIjANBgkqhkiG9w0BAQ......";
As the Google sample code for In-app billing say, you should obfuscate this public key.
Instead of just storing the entire literal string here embedded in the
program, construct the key at runtime from pieces or
use bit manipulation (for example, XOR with some other string) to hide
the actual key. The key itself is not secret information, but we don't
want to make it easy for an attacker to replace the public key with one
of their own and then fake messages from the server.
I use very simple Java code to generate the Java Class that will give me back the public key. The basic idea is to use recursion to recreate the key using inner static class. It's just food for thought.
It's a "good-enough" approach for my niche market. See this stackexchange security question for more information on obfuscation.
public static void main(String[] args) throws Exception {
String className = genClassName();
PrintWriter writer = new PrintWriter("C:\\" + className + ".java", "iso-8859-1");
printClass(className, writer, "XXXXXX-YOUR-PUBLIC-KEY-GOES-HERE-XXXXXXX", true);
writer.close();
}
private static String genClassName() {
return "Class" + UUID.randomUUID().toString().replaceAll("-", "");
}
private static String printClass(String thisClass, PrintWriter writer, String key, boolean root) {
int split = key.length() / 2;
if (split < 10) {
writer.println("public " + (root ? "" : "static") + " class " + thisClass + " {");
writer.println("public static String get() {");
writer.println("return \"" + key + "\";");
writer.println("}");
writer.println("}");
} else {
String first = key.substring(0, split);
String last = key.substring(split, key.length());
writer.println("public " + (root ? "" : "static") + " class " + thisClass + " {");
String class1 = printClass(genClassName(), writer, first, false);
String class2 = printClass(genClassName(), writer, last, false);
writer.println("public static String get() {");
writer.println("return " + class1 + ".get() + " + class2 + ".get();");
writer.println("}");
writer.println("}");
}
return thisClass;
}
You need the public key in the program's source code so that you can check the signature. Yes, there's nonzero, unavoidable risk that a cracker will find it, replace it with a fake, and feed your program fake purchases.
You cannot completely hide the key from prying eyes, but you can obfuscate. You can break up the Base64 string into several string constants in different spots and concatenate them before use. Better give the chunks inconspicuous names (not like MY_PUBLIC_KEY_PART_4). You can also apply an additional layer of soft encryption to it - something like XOR a value. You can add an integrity check - make sure the key has not been spoofed (say, store the hash of a key elsewhere and check). But this is all still security via obscurity - a determined enough hacker will get through.
Also consider ProGuard, the built-in code obfuscation tool.
If you have a server component as part of your app, then you can move most of the elements of your security, including your public key, to your server. On the server, you can generate the nonce and verify the purchase (I've moved mine to a RESTFul WCF service). If your server component is .NET based, then you'll probably have to generate a modulus and an exponent from your public key so that you can use the RNGCryptoServiceProvider class. There's a Google I/O video which gives an overview to In-App Billing amongst others.