Okay, weird, weird question time. I have an Android app that submits data to the server using a form POST to an ASP page. Well, at least it SHOULD. I actually have 2 domains. Let's say they are: MySite.com and MySiteBeta.com.
When I use the Android app and post to MySite.com the form data is received without any problems. When I modify the app to post to MySiteBeta.com the form data is not received. (No changes to the code except the domain name) Mind you, there are no errors recorded in the page - and execution continues past where any error should have occured. But, no form data is present. I'm looping through the Request.Form object just to be sure, and nothing is there. Also, if I just create another ASP page to send this form data, everything works fine. So, it doesn't seem to be anything with the ASP page itself.
What could cause an Android app to work when posting to one domain but not another? NOTE: The files on the server are the same. I'm assuming it may be some sort of permissions in the ASP setup (running IIS8)? Not sure.
Related
I'm working on an android app that on buttonpress fills out the form data on a website, submits those and returns the response in a webview.
I tried many solutions based on all input elements the website expects.
I also did record the network activity in chrome's developer tab when I submit manually, tested it with only those parameters, and even imported the .har in POSTMAN.
Whenever I try to recreate the submissions either via POSTMAN or via cURL, I'm getting the 403 Forbidden Errors, no matter if I use POST or OPTIONS..
I'm guessing I am missing a Session Cookie or something equivalent.
Frankly I'm fairly new to this topic.
How would I generally go about automating the filling and submitting of forms on a website while still retrieving the response in a viewable format (e.g. to be able to manually enter the captcha)?
The URL in question is this btw: https://subwayrewards.de/register
I have an expressJS server running. I am POSTING multipart form-data to the server, and parsing this with GridForm (which again, correct me if I am wrong, is an extension of FormidableJS). This seems to work fine when posting from a web-form, or Postman etc., however, when I try to post from my Android app or IOS app, there is a strange issue. Sometimes it works fine, and then, even though I do no changes in the app code, no fields are parsed. The files are however allways parsed, so it is clear that the POST actually comes through. Anyone have any ideas of what this problem can be?
I have started working on an Android app for which we need to use MySQL as database and Ruby on Rails for server side code. We will be using SQLLite too on device(will sync both DB as and when required). I searched the web and couldn't find any relevant tutorials/examples which can serve as a base to start with.
I have gone through MySQL and ROR tutorials but still has confusion on connecting Android with ROR.
Can somebody share some relevant tutorials/code snippet which can explain the complete linkage of the technologies. I mean how to send data from Android device to MySQL and vice versa. I know the concept theoretically but not sure how and where to start with.
My sincere apologies for asking such a basic question or if I sound ambiguous but I am a beginner and need to complete this task. Thanks in Anticipation..
Here is a brief overview of what you should know to accomplish your goal. I am not going to go that far into detail, especially since I have never personally used RoR. Note that some of these parts might not relate exactly to RoR, but the general idea behind it still applies. I will leave it up to you to research and figure out how to implement each individual component.
The general flow of everything is as follows:
Android App <==> Network <==> Web Service <==> MySQL
Note the double-edged arrows since data will be flowing in both directions.
The Android App is the client, and the Web Service and MySQL database are located on your Web Server. I only included the Network part for completeness, but you shouldn't have to do anything once the data has been sent onto the network.
A brief overview of each section:
Android App:
The Android App is the client that sends and retrieves data from the Web Server. I am assuming that in your app you are going to allow the user to do some tasks which in essence becomes the data that you want to send to the server at some point.
Take for example, the user should be able to enter his name and favorite animal. Lets say that there is an actual "Submit" button that the user may click. When this "Submit" button is clicked, it should wrap up the data into a proper format to be sent across the network. Two of the most common ones are JSON and XML. Once the data has been formatted properly, you will want to send the data to the server using some type of network protocol such as HTTP. In order to send the data, you of course must have some URL as the target. Lets say the target is www.example.com/webservice.php. This target is our Web Service located on the Web Server.
Once you send the data, the server will respond with some data at which point you can do whatever you want with it. Maybe display it to the user, or stick it in an SQLite database, or even both.
The key thing to remember is that there is no magic going on. Everything I have just described will be implemented in Java code that you will write in your Android Application at some point.
Key Ideas you should research more and figure out how to implement in Java code:
JSON and XML
HTTP in Java
REST and SOAP
Here is an excellent video on possible ways to set up the structure of your Android App.
Make sure that you are doing all network operations in your Android App on a different thread. An easy to use method is an Intent Service.
Web Service:
This is often the most confusing part. A Web Service is simply some entry point for clients attempting to access the Web Server. My explanation here might different slightly when using RoR, but the same idea applies. Notice above that the target URL was www.example.com/webservice.php. The web service is literally the PHP code that exists on the Web Server, called webservice.php. In your Android App, when you send data to the target URL using HTTP, the Web Service code will be executed on the server (and also have access to the data that you sent to it). Inside of your Web Service code, you will basically be extracting the data (which is in some format like JSON), grabbing the necessary parts, and then doing something with it. In this case you will most likely be querying the database. In PHP it is easy to write code that connects and queries a MySQL database that is also running on the server. When the response of the database is retrieved by the Web Server, you can send it back to the Android App. Just as before, remember, there is no magic going on. All of these ideas are implemented by writing some code.
Main ideas to research:
Ruby on Rails web service
How to access a MySQL database using Ruby on Rails
MySQL Database:
This is where you will store the data on the Web Server. I am not going to go that in depth here because this is just going to require you doing a lot of reading up on how to set up a MySQL database on a web server. It is also important that you learn how to create the appropriate queries such as SELECT, INSERT and so forth.
Main Ideas to research:
How to setup a MySQL database on a web server
If you need any clarification, let me know!
I have a new project involving the build of an Android app for a website of a hiking club. The website has a login functionality after which the user can browse through available hikes, subscribe to a hike, view the other subscribers, contact the organizer etc.
The original site is based on a MySQL database with a front end of .asp pages. Most data is passed through the pages as GET parameters on the query string.
New to Android development, some things really puzzle me, even after reading several tutorials. I am thinking towards an architecture baes on REST webservices but there a several obstacles to overcome and chooses to be made.
Apart from using REST, some other options are available:
Call the original .asp pages from the app instead of building a dedicated Web service. This leaves me with much less code to write, the original business logic (queries e.a.) as well as the login system can be used (with the "remember me" functionality based on cookies). Downside is that the (X)HTML code in the response needs to be parsed to show in the app GUI, where the majority of the response code is useless ballast code. Also, it does not feel very good from an archtitectorial point of view.
Using a SOAP based webservice. I am totally unfamiliar with SOAP and it appears to be much too heavyweight for a mobile device.
Using REST services. I am leaning towards this option, and have made
some already working services using the SLIM framework. But there
are some problems. First, REST is stateless by definition and does
not seem to support sessions. But the "Remember me" option is
required for the app after login in for the first time, the user
needs not to login again unless he explicitly logs out.
But how can we achieve that?
First option is to designing some completely client-site login/logout system which saves the credentials locally until the user logs out. And sending the credentials with each request to the Web service as POST parameters, or somehow in the HTTP Authorization request header, though I am not familiar with that.
Second option is to deviate a bit from RESt principles and use a session mechanism anyway. After sending the credentials to the web service, a cookie is created and send to the client app. The dartabase cannot be extended so there is no option to save a token in the user table. Maybe the usernae/password can be encrypted and send as a cookie to the app, and decrypted at each subsequent request?
I am a bit lost in this, and look forward to serious suggestions!
I believe that from a long term perspective, it is important that you lean towards REST Interfaces. While JSoup and/or WebView approaches will definitely work, it is important to have the flexibility to redefine/design the mobile application in ways that are completely agnostic of the Server side. REST will help you there and you do not need to play catch up with the Server side, everytime they change the HTML pages, etc.
Going REST will also help in future with writing additional mobile applications and even on different platforms like iOS, if your roadmap contains that.
You can use jsoup to parse the html pages from your Android app and reorganize the information of the web page, this option will gives you ability to quickly develop an App, later you may think on add REST interfaces to your web site and populate data in json.
You can also use WebView to laod your web pages if you don't want to parse html pages.
I suggest you using REST architecture as you said. You can use a rest client library for Android as RESTDroid, take a look to the guide because there is a implementation example with special header needed for the particular web service used (Parse.com in this case).
I just can't get my head straight about this one. I'm currently building a rather large-scale application on Android. I've run in to a couple of problems regarding security and authentication though...
The Scenario:
I have an application that's making calls through HTTP (will implement SSL later) to a server running PHP and MySQL. Of course i want to use the existing user-database, so migration to another DB is not a solution..
I've managed to create the "register users via Android to the server"-functionality.
I've also made a working login, BUT this is where the problems start.
As users in the Android application I'am working on adds, edits, deletes and sync stuff on the server via/to the application, things get rather complicated. A little too complicated for me it seems :)
Problems:
As I get the result from my server-side login and pass it from the
server to Android via JSON, the connection dies and server-side I
'aint logged-on (sessions dies) whereas on the phone I'am. How can I
make the log-on persistent both on the server and in Android without
the need to log-on again? So that subsequent calls from Android to
the server is made with the same user, still authenticated. I.e. I
want sort of a one-time login ('till I logout) like in the
Spotify-app (and many others).
If I've understood things right, implementing SSL correct makes it
possible to send passwords in clear text to the server without the need to hash them first. Is this correct?
I just can't stop thinking about the fact that a MIM-attack would compromise any unique id I send from Android to the server. My first thought was to have the UID on the Android device as a "key" to the server after a successful log-on. But if that key gets in the wrong hands, the user associated with that UID will be compromised. I've looked at the AccountManager on Android but it seems rather over-kill in my case.
If someone could supply examples or at least guidelines, I'd be much grateful!
Thanks in advace!
ADDED SOLUTION DIAGRAM AFTER EDIT
Notice that this diagram shows the first start of the application. Later startups will NOT show the Login / Register form, but use the DUT instead.
// Alexander
Issue some form of a short-lived authentication token to Android apps. They would need to pass it in every request, and you will check it your Web app. Breaking the connection doesn't end the session, if it does, you have bug in your Web app: fix it. In Android, as long as you are using the same HttpClient instance, it will continue to use the same session, nothing special is needed.
Whatever you do, do not put off implementing SSL, do it now.