$_POST array is empty, when i try to send data to myregister.php

Question

i'm devoloping an Android app. For the signin i need to send a database the data, but when i try to use $_POST array after the encode it seems be empty (i've tried to print the response, and i think this is my problem).

Here is the javacode inside my app:

private String register (String username, String password, String number) {

    String reg_url = "myDomain/register.php";


    try {
        URL url = new URL(reg_url);
        HttpURLConnection httpURLConnection = (HttpURLConnection) url.openConnection();
        httpURLConnection.setRequestMethod("POST");
        httpURLConnection.setDoOutput(true);
        httpURLConnection.setRequestProperty("Accept-Charset", "UTF-8");
        httpURLConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");

        OutputStream OS = httpURLConnection.getOutputStream();

        BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(OS, "UTF-8"));

        String data = URLEncoder.encode("username", "UTF-8") + " = " + URLEncoder.encode(username, "UTF-8") + "&" +
                        URLEncoder.encode("password", "UTF-8") + " = " + URLEncoder.encode(password, "UTF-8") + "&" +
                        URLEncoder.encode("number", "UTF-8") + " = " + URLEncoder.encode(number, "UTF-8");
        bufferedWriter.write(data);

        bufferedWriter.flush();
        bufferedWriter.close();
        OS.close();
        InputStream IS = httpURLConnection.getInputStream();

        BufferedReader bufferedReader= new BufferedReader(new InputStreamReader(IS,"iso-8859-1"));
        String response = "";
        String line;

        while ((line = bufferedReader.readLine())!=null) response += line ;

        Log.i("Response", response);
        IS.close();
        bufferedReader.close();

        if (!response.toLowerCase().contains("fail"))
            return Language.registered;
        else
            return Language.aProblemOccurred;



    } catch (UnsupportedEncodingException e) {
        e.printStackTrace();
        return Language.aProblemOccurred;
    } catch (IOException e) {
        e.printStackTrace();
        return Language.aProblemOccurred;
    }

}

And this is the simple php code of the registration:

<?php 

    require "init.php";

    $username = $_POST["username"];
    $password = $_POST["password"];
    $number   = $_POST["number"];
    $mpt      = "1";

    $sql_query = "insert into Users values( '$mpt' , '$number' , '$username' , '$password' , '$number',  '$mpt' ,  '$mpt' ,  '$mpt' ,  '$mpt' ,  '$mpt' ,  '$mpt' ,  '$mpt' );"; 

    if ( mysqli_query ( $res , $sql_query ) )
    {
        echo "<h3> Data Insert Success...".$number.$password.$username.$_POST["password"]."<h3>";
    }
    else 
    {
        echo "Data Insert fail: Error:".mysqli_error($res).$number.$password.$username;
    }

?>

Can someone help me????

Your script is at risk of [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/) Even [if you are escaping inputs, its not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) You should be using parameterized queries — RiggsFolly, May 21 '16 at 15:07
1) How i can i use parameterized query? 2) Anyway, how can i solve my $_POST's problem? — Luigi Blu, May 21 '16 at 15:43
1) By [reading the manual](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) — RiggsFolly, May 21 '16 at 15:46
I have to do this to make safe my database, thanks.. But as i see there are no references to $_POST array, can you help me, also for this my problem? Thank you so much — Luigi Blu, May 21 '16 at 15:57
Useful links http://stackoverflow.com/questions/2938502/sending-post-data-in-android and http://stackoverflow.com/questions/27513282/send-data-via-post-android-to-php and http://stackoverflow.com/questions/4470936/how-to-do-a-http-post-in-android and they were only the first 3 results of a google search **android java send post to php** — RiggsFolly, May 21 '16 at 16:00

score 0 · Answer 1 · answered May 21 '16 at 15:58

0

I actually dont know java i know the basics but i haven't used it in 3 years, so i dont know how you are getting the value from the user from the post method to php. However you can use the url as get method to get input from the user.

  "myDomain/register.php?username=abc&password=qwqw1w1"

and then get it as a get funtion in php. Or you can first take the user input in a variable and then send them to php using POST method, that should work

$username = $_GET["username"];
$password = $_GET["password"];
$number   = $_GET["number"];

answered May 21 '16 at 15:58

Sumit

486
4
16

In this way, it seems work from the browser but still don't work from the application :((( – Luigi Blu May 21 '16 at 16:51
did u try it on the application ?? store the value of the username in a different variable then pass the variable in the url comment your code – Sumit May 21 '16 at 17:53

$_POST array is empty, when i try to send data to myregister.php

1 Answers1