我有一个webservices网址附加密码。当我通过提供正确的密码来运行应用程序时,应用程序正在运行,同时我使用错误的凭据运行应用程序。该应用程序正在运行,我没有想法摆脱这个问题。我的代码在这里:
NSString *post =[[NSString alloc] initWithFormat:@"password=%@",[password text]];
NSLog(@"PostData: %@",post);
NSURL *url=[NSURL URLWithString:[NSString stringWithFormat:@"http://myexample.com/Accountservice/Secure/ValidateAccess?password=abcd&type=1"]];
NSData *postData = [post dataUsingEncoding:NSASCIIStringEncoding allowLossyConversion:YES];
NSString *postLength = [NSString stringWithFormat:@"%d", [postData length]];
NSMutableURLRequest *request = [[NSMutableURLRequest alloc] init];
[request setURL:url];
[request setHTTPMethod:@"POST"];
[request setValue:postLength forHTTPHeaderField:@"Content-Length"];
[request setValue:@"application/json" forHTTPHeaderField:@"Accept"];
[request setValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"Content-Type"];
[request setHTTPBody:postData];
NSURLRequest *request1 = [[NSURLRequest alloc] initWithURL:[NSURL URLWithString:post] cachePolicy:NSURLRequestReloadIgnoringLocalCacheData timeoutInterval:10];
NSURLConnection *connection = [[NSURLConnection alloc] initWithRequest:request1 delegate:self startImmediately:YES];
if(!connection){
NSLog(@"connection failed");
}
else{
NSLog(@"connection succeeded");
}
如果我给'abcd',因为密码连接成功显示。如果我提供错误的密码连接成功显示。我该如何解决这个问题?如果我给错了密码需要显示警告。
问题可能出在您使用的网址上
通过这种方式传递凭据不是一个好习惯。您可以使用POST方法和一些有效的加密来防止可能发生的安全问题
解决方案试试吧
NSString *urlString=@"http://myexample.com/Accountservice/Secure/ValidateAccess?";
self.responseData = [NSMutableData data];
NSString *post =[NSString stringWithFormat:@"username=%@&password=%@",userNameTextField.text,passwordTextField.text];
NSData *postData=[post dataUsingEncoding:NSUTF8StringEncoding];
NSString *postLength = [NSString stringWithFormat:@"%d", [postData length]];
NSMutableURLRequest *request = [[[NSMutableURLRequest alloc] init] autorelease];
[request setURL:[NSURL URLWithString:urlString]];
[request setHTTPMethod:@"POST"];
[request setValue:postLength forHTTPHeaderField:@"Content-Length"];
[request setValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"Content-Type"];
[request setHTTPBody:postData];
NSURLConnection *connection0= [[NSURLConnection alloc] initWithRequest:request delegate:self];
[connection0 start];
这个控制结构是问题所在:
if(!connection){
NSLog(@"connection failed");
}
else {
NSLog(@"connection succeeded");
}
这不会检查连接是否错误,这会检查连接对象是否等于0(nil)。显然,在上面的行中初始化后,else语句将始终记录,给您错误的印象,即您的连接已成功。您应该成为连接的delegate,并响应相应的委托方法。