I recently built a web application for my company, but the client needed the application to work both offline and online, depending on the availability of internet connection.
Anyways, I'm looking for a way to allow my application to run offline and online. The following technologies are used: PHP, MySQL, jQuery, HTML, and CSS.
Clients could be using that app without internet connection; if there is internet connection the app will automatically move to using the hosting server.
This is either trivial or insanely difficult, depending on a few things:
Does your client have an internal network it can use?
Can that internal network be accessed from the outside?
How many users will your application have?
Are they all on the same network?
On the trivial end of the scale, you can host the entire application locally on your client's network, that can also be accessed from outside, if there is an internet connection. But if there isn't as long as you're on the internal network, the service continues.
On the insanely difficult end, you can build your service so that each browser stores enough information on the machine to allow the user to continue to use the service even if internet connection drops. And then when the connection resumes, the service syncs any updates to the browser.
But this all depends on the answers to those questions.
Related
I've written a webapp in php, which works as a standalone app, but needs to get/post new data from time to time to an API (written by a different company, for desktop software) on localhost. When connecting, it would be from a webpage/browser open on that machine.
So far I've attempted to send curl requests, basically using the generated postman curl code, and it's returning false. I'm thinking it's because it can't connect to the localhost server, possibly because it's blocked from the internet.
I've been researching for a few days, but want a solution that doesn't involve me creating security vulnerabilities in the computers I am trying to connect to, by opening them directly to the internet, and if there is a way to send requests to localhost without installing more software on them I would be partial to that kind of setup.
Does this make sense? I hope someone has some experience or wisdom in this area that could at least nudge me in the right direction.
The localhost is always the computer where you refer to that host. You can't connect to the localhost from your webapp, because the localhost hostname for that app is the computer which runs it.
You have to open a tunnel from you computer to the internet where you webapp can communicate with it.
You can use ngrok to do that, for example
My office network provides internet access to my employees when they connect to it through the office's router. I want to make a web application in which only computers connected to the internet through my office router, can access. So that my employees have to be in my office area before they can login into the php web application.
If they are connected to the internet, but not through my office network they should not be able to log in to the application. (I know I could have deployed the php app in a local server setup in my office but I want the app to be on a remote server on the internet for my personal reason).
What hardware do i need to setup my office network and how do I make PHP detect the id of the hardware of my network so php can determine that a request is coming from my network.
Some options to recognise your private office from a public website:
IP address
This will only work if you know what IP address is in use at any given time by your allowed clients. In the case you use a NAT gateway, this has to be the outside address.
It becomes pretty easy to do this if you have static IP addresses for all your allowed clients, if they change, it quickly becomes a nightmare to keep them right at all times.
Security: since HTTP is based on TCP it's not trivial for other to get to use your IP address through spoofing, but it's by far not foolproof either. Consider it a poor-man solution at the very best.
Caveat: if any of your staff can get remotely to their machine, they can access it remote (so e.g. a time registration system is going to get circumvented by this quickly)
VPN
VPN stands for Virtual Private Network.
This is the goto solution from a security perspective. Essentially you build up tunnels between either individual clients or networks as a whole with the VPN server.
On the central end of those tunnel(s), your webserver answers to web requests (but not to the internet at large).
There is a whole range of VPN products out there. There are equally relatively easy to build solutions using free software (e.g. OpenVPN).
Things on how the client (network or computers) will authenticate to the server and what traffic is attracted to the VPN and much more are all possible parameters you can set.
Security: it depends a bit on the choices made, but unless unproven or outdated solutions are picked, this can be done "top notch". It is however in skill level probably just above your typical IT shop around the corner (but you might be in luck).
Same remark as above: your staff that can gain access to it, might be tunnelling into their machine at work or might use credentials and settings on an office machine at home as well.
DNS
reverse mapping of IP to names is far too easy to spoof, don't try this.
Login/Password
This is a relatively easy solution: allow access from anywhere, but give authorised users a login and password and let them have access after being logged in properly.
Security: It's non-trivial to get this fully secure, there's plenty of opportunity to make errors in how the application works so that it becomes a problem.
But if you have to have a zero footprint on the clients, this is your best option.
Add in 2 factor authentication to increase the password security and make passing on passwords a bit more difficult.
TL;DR
I'd setup an OpenVPN based VPN, they are relatively easy to setup, the clients exist for most OSes (take care not all: e.g. iOS: I don't know of one) and it'll give you more than average protection without you having to delve deeply into the details of encryption protocols and the like.
Still there's a learning curve, but there's plenty of tutorials out there that don't assume much prior knowledge either.
For your clients you setup a certificate-based authentication system using EasyRSA (included with OpenVPN). It's a bit of a habit you need to create, but once setup properly, adding and removing users becomes relatively painless.
On your server all you need to do is make sure the http server only binds to the IP address of the tunnel interface.
I've been reading this book about PHP and MySQL and at the end of each chapter it asks you some questions for you to research about and one of them I don't really get:
What is a Proxy script? When might a proxy script be necessary?
I hope you could help me answering this question because I don't really know what it is (I do know what a proxy server is though)
From WikiPedia's article on Proxy Servers
In computer networks, a proxy server is a server (a computer system or
an application) that acts as an intermediary for requests from clients
seeking resources from other servers. A client connects to the proxy
server, requesting some service, such as a file, connection, web page,
or other resource available from a different server and the proxy
server evaluates the request as a way to simplify and control its
complexity.
That explains it pretty much. So basically, a PHP proxy script can be used to access the blocked content i.e. websites in a network i.e. a college's WiFi network.
For an example, suppose facebook.com is blocked by your college's WiFi and you want to access it then a PHP proxy script might come in handy. Which will take requests from you and send it to the facebook on your behalf and sends the received data back to you. So you're not directly communicating with the facebook's server but that proxy script is doing that job for you.
Here's a simple PHP proxy script I found from a quick search that you might find helpful : Simple-php-proxy-script
I'm working on an idea of mine which is comparable to a home automation system.
The layout of network devices would be like this:
What I want is for my Mobile Phone App to be able to communicate with the home server at all times, but also for the server to be able to reach my phone (Push-notifications).
For this I thought it would be a good idea to implement TCP-Holepunching using my server in the datacenter as the center for traffic.
The problem is though, Since my Java skills aren't good enough yet, I'm forced to write my server in the PHP scripting language, but PHP isn't capable of keeping sockets active.
Is there TCP-holepunching server software (executable in Debian) available which would be able to keep the sockets alive and push any commands from my server towards the correct destination (ie: phone) and vice versa?
There are ways to get sockets working in PHP. One library that does this can be found here:
http://socketo.me/
Also an easy way of setting a server like this up can be done with NodeJS. You code your server in JavaScript (run on Google Chrome's V8 Engine) and then you can handle persistent connections based on events.
It should be possible (with NodeJS) to code a relay server (relaying from your phone to your home PC and vice versa) with only a few lines of code.
I will be developing an application for a club where they will have visitors use biometric systems(finger print) or magnetic cards to mark their attendance.
This application is planned as a web app, made using PHP/MySQL/Javascript. It does a lot of other things as well.
What I wanted to find out is how is the interface between Biometric/Megnetic Card systems to a web app done?
I've never worked on this and am hoping if someone who has experience with this can throw some light on this as to how this could be accomplished. Any pointers will be appreciated.
Also, we will be hosting this application remotely. So we won't have physical access to the web-server.
(I'm afraid there's got to be some form of application installed on a pc that would interface with the hardware and probably makes calls to the web app. But, if there was a way to connect it to the web app directly, then the app would be easy to deploy to any location with minimal installation.)
Thanks! :)
How is the hardware connected? Directly to the app server, or to a standalone box of some sort? If it's a standalone box, then yes you'll have to have some kind of program on the box collect the data and send it to the web app. If it's connected directly to the app server, then you need to write something that either polls the hardware or receives messages/events from the driver and DTRT wrt the web app.
There three type of communication channels are supported by the biometric machines. They are serial, TCP/IP and HTTP. In your case, you either need to implement TCP/IP or HTTP.
If your application is running the intranet, then you can implement the TCP/IP server application and host at a intranet system which is expected to write in a common database between the biometric application and your web-app.
If your application is hosted at the server, then you can implement the http server and associated the URL with the machine. For this you need buy the http api supported machines. Here is the google search link for finding such machines.