Cannot login when I insert correct data

Question

When I try login using incorrect data in app display this error

org.json.JSONException: End of input at character 0 of

when I use correct data, the progress bar is still loading and doesn't pass to the next activity, in logcat when I use Log.d shown this info

{"login":[],"success":"0","message":"error"}

but Toast didn't display any information or error and the progress bar is still loading. I use MySQL as database and password in database is hashed. I can't figure out this problem I'm still learning.

private void Login(final String email, final String password){
loading.setVisibility(View.VISIBLE);
btn_login.setVisibility(View.GONE);

StringRequest stringRequest = new StringRequest(Request.Method.POST, URL_LOGIN,
        new Response.Listener<String>() {
            @Override
            public void onResponse(String response) {
                try {
                    JSONObject jsonObject = new JSONObject(response);
                    String success = jsonObject.getString("success");
                    JSONArray jsonArray = jsonObject.getJSONArray("login");

                    if(success.equals("1")){
                        for (int i = 0; i < jsonArray.length(); i++){
                            JSONObject object = jsonArray.getJSONObject(i);
                            String name = object.getString("name").trim();
                            String email = object.getString("email").trim();
                            sessionManager.createSession(name, email);
                            Intent intent = new Intent(LoginActivity.this, HomeActivity.class);
                            intent.putExtra("name", name);
                            intent.putExtra("email", email);
                            startActivity(intent);
                            finish();
                            loading.setVisibility(View.GONE);
                        }
                    }
                    Log.d(TAG, "Info " + response);
                } catch (JSONException e) {
                    e.printStackTrace();
                    loading.setVisibility(View.GONE);
                    btn_login.setVisibility(View.VISIBLE);
                    Toast.makeText(LoginActivity.this, "Error " +e.toString(), Toast.LENGTH_SHORT).show();
                    Log.d(TAG, "Info " + e);
                }
                Log.d(TAG, "Info " + response);
            }
        },
        new Response.ErrorListener() {
            @Override
            public void onErrorResponse(VolleyError error) {
                loading.setVisibility(View.GONE);
                btn_login.setVisibility(View.VISIBLE);
                Toast.makeText(LoginActivity.this, "Error " +error.toString(), Toast.LENGTH_SHORT).show();
            }
        })
{
    @Override
    protected Map <String, String> getParams() throws AuthFailureError {
        Map <String, String> params = new HashMap<>();
        params.put("email", email);
        params.put("password", password);
        return params;
    }
};
RequestQueue requestQueue = Volley.newRequestQueue(this);
requestQueue.add(stringRequest);

login.php

<?php
    if ($_SERVER['REQUEST_METHOD']=='POST'){
    $email = $_POST['email'];
    $password = $_POST['password'];
    require_once 'conn.php';
    $sql = "Select name, email, password from firmy where email='$email'";
    $response = mysqli_query($conn, $sql);
    $result = array();
    $result['login'] = array();

   if ( mysqli_num_rows($response) === 1 ){
        $row = mysqli_fetch_assoc($response);
       if (password_verify($password, $row['password'])){
            $index['name'] = $row['name'];
            $index['email'] = $row['email'];
            array_push($result['login'], $index);
            $result['success'] = "1";
            $result['message'] = "success";
            echo json_encode($result);
            mysqli_close($conn);

            }else {
            $result['success'] = "0";
            $result['message'] = "error";
            echo json_encode($result);
            mysqli_close($conn);
      }   
    }
    }
    ?>

Your code is vulnerable to [**SQL injection**](https://en.wikipedia.org/wiki/SQL_injection) attacks. Instead of building queries with string concatenation, always use [**prepared statements**](https://secure.php.net/manual/en/pdo.prepare.php) with [**bound parameters**](https://secure.php.net/manual/en/pdostatement.bindparam.php). See [**this page**](https://phptherightway.com/#databases) and [**this post**](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) for some good examples. — Alex Howansky, Jan 22 '20 at 19:04
Also note that your code doesn't output anything if a record for the provided email address is not found. (Or if more than one is found.) — Alex Howansky, Jan 22 '20 at 19:06

score 0 · Answer 1 · answered Jan 22 '20 at 19:05

0

Remove the finish() after the startactivity()

answered Jan 22 '20 at 19:05

Amit pandey

1,149
1
4
15

Cannot login when I insert correct data

1 Answers1