Mobile developers often need to connect their mobile app to server, transferring data in and out. To make the app talk to server, we need something called script.

Scripts help you execute the tasks required. One of the most common scripting language is PHP. This post cover details of PHP scripts but the rules can be extended over to other scripting languages as well.

Web Services

A web service is a means of communication between two devices over world-wide-web. We write script of our web service, host it on a server, secure it and make a call to it.


You can use any scripting language that is supported by your system. For mobile apps (android, iPhone, windows phone), most commonly used scripting language is PHP. PHP is easy to write and its supporting code is readily available all over.


Once you have written your web service, it is time to make it accessible. Upload the script to a server. If you have a web hosting account, then just go to your hosting account’s file manager and hit upload. If you have not yet purchased web hosting, that’s no problem. Just sign in to a free web hosting server (I used and you are good to go. Note the URL where script was uploaded.

E.g If i upload my script test.php in a folder named allscripts under public_html directory, then my URL will be:


Now that my script is available on the web, anyone can access it using the given url. But wait! That’s not what we want. Scripts often contain important data which has to be protected. Luckily, there is an easy way to put a security check for intruders. We will allow only our own mobile application to access the web service this way:

add the following code on top of the script just after <?php

if(isset($_GET[‘name’]) && isset($_GET[‘password’])){

$name= $_GET[‘name’];

$password= $_GET[‘password’];

if($name!=”myname” || $password!=”mypassword”){

echo “Go away Intruder!”;





echo “Illegal Attempt”;



The above code inserts two level of security check: name and password. Instead of $_GET, $_POST can also be used depending on security of application.

$_GET retrieves variables from URL or the query string.

$_POST retrieves variables from HTTP POST method, usually called in programming code from mobile app.


Different mobile platforms with different languages give you separate ways of calling the script. Lets highlight two of them:

GET request in android:

String path = “”;

String login= “name=myname&password=mypassword”;

try {

URI uri = new URI(path + login);

HttpParams httpParameters = new BasicHttpParams();

HttpConnectionParams.setConnectionTimeout(httpParameters, 5000);

HttpConnectionParams.setSoTimeout(httpParameters, 10000);

HttpClient client = new DefaultHttpClient(httpParameters);

HttpGet request = new HttpGet(uri);

HttpResponse response = client.execute(request);

if (response != null) {

//your code


}catch(Exception e){


GET request in iPhone dev:

– (IBAction)sendRequest;


NSURL *url = [NSURL URLWithString:@””];

NSURLRequest *request = [NSURLRequest requestWithURL:url];

[NSURLConnection sendAsynchronousRequest:requestqueue: [NSOperationQueue mainQueue]completionHandler:^(NSURLResponse *response,NSData *data, NSError *connectionError){

if (data.length > 0 && connectionError == nil)   {

//your code




Congratulations! You have successfully connected your mobile app to remote server.