----- Original Message -----
From: Miguel Morales
To: [email protected]
Sent: Monday, June 06, 2011 7:26 PM
Subject: Re: [android-developers] login form
1) Why are you trying to strip out SQL commands from the input? That's a
losing battle on the client side.
Your php framework should provide a means of using parameters to make sql
statements. They usually handle invalid content better than you can.
True it should be done on the other side
2) Separate your UI code from your network code, otherwise your app will
get an Application Not Responding dialog error.
I am not sure what you mean. I presume you mean I need a new thread for
parts of it but where would I start and end it?
3) No, if you simply login by passing parameters to a 'regular' php script
then most likely it keeps state by setting a cookie.
I don't know what you mean by 'then call xx.com' but you have to make sure
that you keep the state between HTTP calls.
I believe there are some options for HTTPClient so that it does it
automatically.
Ahh from Google it looks as though if you just use the one default client
then the session variables will be preserved
Thanks
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
