iOS Form POST

[tdog09]

Hi-

Has anyone been able to successfully POST data to a form? I'm having major difficulty trying to get this to work. I'd post code but 1) I'm not at my mac, and 2) I've tried so many different techniques that I wouldn't know what to put here.

I've read all of apples documentation on NSURL and the Loading System many times, and have searched to the end of the internet trying to figure this out..(that's right, I actually received a dialog box stating I reached the end of the internet!)

Anyway, what I'm trying to do is post the relevant information to a website's login form. Does anyone have an example on how to do this? I've figured out how to "login" by appending the id and password to the URL String, but I figured that wasn't too wise or a secure way to do it....though my frustration is about to lead me back to doing it that way. Thanks all for any help or guidance!

 

[jnic]

I've figured out how to "login" by appending the id and password to the URL String, but I figured that wasn't too wise or a secure way to do it.

POST is not any more secure than GET; if it's security you're after then you need to look into CommonCrypto, SSL, etc., otherwise it's still being sent in the clear.

If you're using POST because GET isn't an option, then something like:

// Create your request.
NSMutableURLRequest *request = [[NSMutableURLRequest alloc] init];
[request setURL:[NSURL URLWithString:@"http://example.com/"]];
[request setHTTPMethod:@"POST"];

// Set some headers.	
[request setValue:@"whatever" forHTTPHeaderField:@"Authorization"];
[request setValue:yourDataLength forHTTPHeaderField:@"Content-Length"];
[request setValue:@"whatever" forHTTPHeaderField:@"Content-Type"];
// etc., as required.
[request setHTTPBody:yourData];

// Do the request, don't forget to handle errors.
[NSURLConnection sendSynchronousRequest:request
    returningResponse:&response error:&error];

Obviously the request would need a background thread if you're doing it synchronously, but that's the bare bones.

 

[rubyruby]

Take a look at the Library ASIHTTPRequest: http://allseeing-i.com/ASIHTTPRequest/

It's very useful for sending HTTP POSTs.

Regards,

rubyruby

 

[tdog09]

POST is not any more secure than GET; if it's security you're after then you need to look into CommonCrypto, SSL, etc., otherwise it's still being sent in the clear.

If you're using POST because GET isn't an option, then something like:

Hmm, so your saying that if I'm to use Post I might as well just append the data to the url? It's a userId and Password, and I know appending it to the url works, just thought I'd try a more secure way...I guess POST is not the answer to that.

I'm realy thinking about just going the URL appending route, finish my app, get it submitted, then work on a more secure form as an update to it.

Take a look at the Library ASIHTTPRequest: http://allseeing-i.com/ASIHTTPRequest/

It's very useful for sending HTTP POSTs.

Regards,

rubyruby

Thanks, I'll def check this out!

 

[jnic]

Hmm, so your saying that if I'm to use Post I might as well just append the data to the url?

Correct. If it's sensitive then use crypto. I'm guessing it's someone else's API though, so if they're accepting unencrypted logins then it's probably OK.

 

[tdog09]

Correct. If it's sensitive then use crypto. I'm guessing it's someone else's API though, so if they're accepting unencrypted logins then it's probably OK.

Thanks, but I'm still having issues finding any other way to login besides using the id and password in the url. It's obv not my website, but I got the go ahead to create applications for it, but without any support.

So...kinda stuck at the moment...

 

[jnic]

As I say, if they're accepting unencrypted logins (i.e. if their login page is not over SSL) then you should be fine to do the same, since they don't consider the details sensitive enough to encrypt.

 

[tdog09]

As I say, if they're accepting unencrypted logins (i.e. if their login page is not over SSL) then you should be fine to do the same, since they don't consider the details sensitive enough to encrypt.

Thanks for your help jnic...now its off to figuring out how to use cookies/session. I have a version of my app working, but it literaly logs in to the site first using the user/pass everytime it's launched or refreshes data. Since I'm new to objective C (but been programming for years), I built the app the most simple way I could to get basic functionality. Now I'm going back putting in better coding to make it more efficient and to add features.

Sigh...really not a fan of apples documentation

 

[dejo]

Sigh...really not a fan of apples documentation

Care to elaborate on that statement?

 

[tdog09]

Care to elaborate on that statement?

Uhm, I don't like it. I mean there's a lot of information in there and it can be useful, but I tend to have to read it many times over before I fully understand it, where as I was in a bookstore the other week, picked up a book on Objective C and read a few pages on a specfic topic, and understood it immediately.

So, for me, apple's doc isn't always clear cut, thus, I'm not a fan of it....but that doesn't mean I don't use it.

 

[dejo]

Well, an introduction book on a topic and reference documentation are kind of intended for different audiences.

 

[tdog09]

Well, an introduction book on a topic and reference documentation are kind of intended for different audiences.

Valid point, but to explain more...when I said documentation, I did't mean anything like API reference, I meant some of Apple's documents on specific topics (URL Loading System documentation for example). And it wasn't an intro book, it was for the "expert", of which in Objc C I'm far from.

 

[dejo]

Valid point, but to explain more...when I said documentation, I did't mean anything like API reference, I meant some of Apple's documents on specific topics (URL Loading System documentation for example). And it wasn't an intro book, it was for the "expert", of which in Objc C I'm far from.

Point taken. I think this just justifies the reason for the existence of these books (among other sources). Sure, the documentation can be daunting at times but I think that what you are expecting from it and what it was intended for are probably not the same thing.