I've successfully managed to use POST to run a PHP script on my website, which allows the phone application to add a new entry to the database (MySQL), and delete an entry.
The next step is the one I have been struggling with for the last few hours now, and that is getting the information FROM the DB onto the phone!
I would like a method that initially just connects to the DB upon starting the activity and populating listview or something will all entries, and later down the line I plan on copying the information to a SQLite DB within the phone.
What is the easiest method I can look into for achieving this?
I can be resourceful but I just need to know what I'm looking for!
you have many options.
higher level abstraction over HTTP (REST/SOAP/etc) like already mentioned
HTTP as a proxy for plaintext/CSV data (without abstraction)
a direct JDBC connection from android device to the MySQL
database data export/import
I guess you're looking for option 3. That is syncing a remote database to local (SQlite on android) and then working with local data? In this case you just get a mysql-client jar (JDBC drivers) into your app and you can start. There're some restrictions though, like Sébastien Renauld already mentioned in the comment. Yet, those issues can be worked around, i.e. with custom configuration of MySQL or with option (2) which can be implemented in generic way (write once)
In general you need to create server API: choose some format to talk to between your web service and android application.
Then you'll always be need to request some data from server, that will be returned to you in format described above in a body of network response of some sort.
Next all you need is parse this data and populate to your adapters or whatever.
Note that networking operation might take quite some time depending on your connection, so you can't wait while it ends to show your UI - you need to do this in async manner, and give user a feedback that data is retrieving.
Nowadays json format passed in body of http post requests are quite popular. Take a look at this tutorial on how to parse json on android and this video about how to create json api in php.
Of course you can try to connect to remote MySQL server directly.. It really is more simple solution in some cases (you don't need to code server-side api), but might be not so accessible because standard MySQL ports aren't opened in all networks. Also your API server might hide some implementation details on how is data stored in reality, thus allowing you to migrate for example from MySQL to PostgreSQL without pain for android application.
Don't forget to secure your data from unauthorized access!
EDIT
It's 2017 and what would be the easiest option now is to use opensource project which will provide rest api for your database, for instance ArrestDB or postgrest
I personaly had to develop this following REST API Service (based on Laravel framework, which I call it lRapi) for an iOS and Android devices, and works great (the version in use for the apps, is much more complex).
https://github.com/w0rldart/lRapi
There are plenty Models and Controllers there that you may use to get started. Responses are JSON formatted, with proper headers.
I still have to add some more documentation to it, but there is some on the main example view, which you may access by just setting the virtual host and opening the root page in browser.
Laravel is a MVC PHP Framework, and it's really easy to get used to it.
This a good way to avoid to do most of the work, and just focus on implementing what else you need.
Related
Current scenario :
There is a webservice (build in php/mysql). User filled data is stored on a remote server.
Issue is user has extremely bad internet connection, webservice is down most of the time. Is there a way to store data locally and sync it when internet is available?
Please note, user might not have database installed on his machine also there is no localserver to work with.
Even if user had some type of RDBMS installed on the box, you probably wouldn't have any way to communicate with it. You can use the HTML 5 Storage API, but it will not solve the connection issues.
And since localStorage (which you probably would use) is available directly only from JavaScript, you would have to make a complicated and fully functional JS application to utilize it.
Note: based on your profile, I would estimate that your JavaScript skills would not be adequate for such task.
If your target audience is mobile users, then you have another alternative: create a native application.
You would still be able to use HTML for the interface (using built in web browser components). But it also would let you have SQLite DB and file storage available on the mobile device, where you can cache the necessary data.
look at the features in HTML 5 for local storage
Typically I would go with IndexDB and then push the local data to the server once the connection is back
http://diveintohtml5.info/storage.html - Should give you a brief about the features and implementation.
I'm developing a system (o rly?!), a regular system. This system maybe considered normal: CRUD's are all over the place. BUT, I also need to access his data as a web service. I'm developing both: the system and the web service, using Laravel 4.
I have controllers, of course, for all the CRUDs on the system so an user can be able to put information on the database. Pretty simply stuff...so far!
As I said: I need to consume data on a web-service format. I need to make request and record data to the server throught a JSON string and REST verbs. That being said, here comes the question:
Should I create a whole new project to access the data as a web service and separate it from the original project (cruds) or this is just a stupid idea of mine?
I think this might help on the security and on the cohesion on both projects.
Any answer is welcome ans thanks in advance! =D
If you are a coder who can easily organise an additional layer into your current app, to create the web-service layer, then do it.
If (like me, and probably most others) you'll just get swamped in a mess of files and folders, and end up changing code which impacts your already existing app - stay well clear! Write a new web-service app!
Separate the concerns, and sleep happy at night that both animals are caged up separately so they can't kill each other.
Although...you are using laravel. So you can actually create separation quite nicely in one app by using packages (were called bundles in L3). You still might run into the risk that you mess up some code of your current app, but if you are strict with yourself, you should be ok.
One question I'd ask yourself is why not just have the app ONLY be a web service, and create clients that meet any needs you want? It does seem odd to have an app being used as a web server and also as a web service. You may run into all sorts of performance problems if you try to do both in the same app.
UPDATE:
For a definitive answer on if you are doing this the right way: I say no, you aren't doing it the right way. Create a web service from your app, and ONLY allow it to be a web service. Then create client apps (web service consumers) to meet any needs you have for displaying the data.
I'm looking to build a dummy CardDav server that allows me to do the following:
- add a CardDav source on an iOS device
- the source will show up as a group on the native Contacts app
- no syncing actually takes takes place with the server (no contacts should be stored on the server or deleted from the device)
The purpose for all of this is that I'm looking to manage the source from an iOS app.
I deployed a Baikal CardDav server successfully and I tried to sniff out the requests that take place when registering a new source, unfortunately I'm quite stuck.
At the moment I have a php file that responds to a PROPFIND request and allow for the source to be validated, but it doesn't show up in the Contacts application.
Any tips would be appreciated in either writing a dummy CardDav server or crippling a functioning one in order to only provide the auth functionalities?
Not sure if i understood your question.
You may try Calendarserver at http://trac.calendarserver.org/wiki/docs-trunk . It is simple to install and setup and works without any quirks.
If you need the server to behave a certain way might be best to use a Carddav framework like SabreDav (for PHP) or milton.io (for java, my project). Then you can do all sorts of weird backend stuff
Milton actually comes with really simple example projects with in-memory data thats perfect for mucking about with
I have an application that retrieves some info and give them to user from a certain public website. However, i am not sure whether i should let my app immediately connect to the target website or it should get the info through my web server using a simple PHP script (JSON).
Actually I am using Jsoup to get the information and I tried both and they worked perfectly ( immediate and PHP) using Jsoup. However, I have not published my app yet due to the confusion aforementioned.
Use the web service. If your client has logic to parse the HTML, it can break when the web page changes. The web service can absorb this change and make corrections, but your client cannot. Not unless you release another version of your app, and that can be a pain.
So I am currently building an application that uses PHP as a web service which subsequently talks to the database in which I store my data. I have chosen to take this route because I am going to have a front-end application that will talk to the database and will be distributed and I do not want to contain any sensitive connection data within it. As of right now, here is how my application works:
1) Client-side application packages data as JSON and sends it via AJAX to the external PHP web service.
2) The PHP web service receives the request and validates it. This validation is done by checking that the correct parameters were supplied via the query string, that the JSON string that was passed along is valid JSON, that the properties within the json_decoded JSON object have the same names as the JSON object that I'm expecting, and that the value types of each property are of the correct type of the JSON object that I'm expecting.
3) If the JSON is valid then the PHP connects to a database and calls the stored procedure that corresponds with the input parameters. The connection data is kept in a separate config.php file and included in the web service.
4) If the database call succeeds, any relevant data is returned to the caller via JSON. Any errors that occur will kill the thread and return an error to the client.
Now, with this architecture, are there any screaming vulnerabilities that anyone sees? In order to better protect the connection data (as that is primarily what I would like to keep hidden from users) I am thinking about doing the following:
-Encoding the data in the config.php in a base of my choosing and then decoding it when connecting to the database.
-Obfuscating both the service and the config files.
Does this sound like enough in terms of protecting my connection values? Is there a better way to store sensitive connection data aside from a config.php file? Is there a way for somebody to easily get access to the .php file that contains the sensitive data? Any advice that you all can give me as to how to further secure this application from attacks would be greatly appreciated.
Best regards,
You could use the PHP OpenSSL libraries to encrypt sensitive data in your configuration files (rather than using security through obscurity). First use OpenSSL to generate a PKCS #12 certificate, then create a PHP page that uses the OpenSSL libraries to import that certificate and encrypt a section, or the whole, configuration file. Then from your PHP code that connects to the database, import that certificate again, and decrypt your sensitive configuration data, then use it to connect to the database. Depending on the size of the data you want to encrypt you may have to envelope the data with AES, then use the RSA keys to encrypt the AES key. This is getting a little complicated for everyone to implement themselves, I think I'm going to write a library for this, thanks for the idea.
Other than that, seems like you have some pretty good security.
From a server point of view...
If your database is on a separate server (which I'd recommend) - lock down the firewall to only accept requests from your web server.
You'd basically only allow access on port 3306 from the IP of your web server. If you're using something like Amazon Web Services this config is really easy to setup.
That way even if someone got the login credentials you'd have another barrier to entry.
Also, I'd make sure you're not on shared hosting, get a decent dedicated server for the web server with a reputable hosting provider that has a good SLA.