I have developed an Ubuntu desktop application to monitor when computers are on that is currently writing directly to a MySQL database. For security purposes I assume that I don't want to have all of these clients talking directly to my database, and instead need to create some other web interface between the client and the database. Should I write this interface in PHP? How does the client invoke this interface?
For security purposes I assume that I don't want to have all of these clients talking directly to my database
Probably not. You can lock down the database to some degree, but probably not enough.
instead need to create some other web interface between the client and the database.
Web services are the usual way to provide a controlled interface to a database these days.
Should I write this interface in PHP?
You could. Language should is a fairly personal thing though. I'd probably go with Perl's Dancer framework myself. It is capable of handling a RESTful API (although that guide assumes you've already learned the basics of Dancer).
How does the client invoke this interface?
By making an HTTP request. It might be as simple as a POST request with on as the body (and then the server uses the client ip address to determine which machine the request came from). The specifics of how you go about that depend on the language you are writing the client in and the libraries you have available to it.
Related
I'm building a mobile project that needs to be in constant communication with a server and i need some information . I know how to build local apps but this is the first time that i'm building an app that requires external call to a server / authentication service .
I'm asking for guidance how to proceed and which services/servers to use.
What type of server/database do i need ?
I'm guessing i will be requiring an API service but no idea how to choose/make one.
I want to use azure services/database but i also don't want to be dependent on it. I want to have my own url that i send request to and interact with a server/db that i can later move to another host fairly easily.
I develop websites mostly and i'm familiar with php/laravel + Mysql but i think in this case it will be overkill to create a laravel app simply for the server backend .
The app will be mobile only so i don't expect to have a webpage for it . simply an external server/database where the data will be saved.
First i need an authentication service - where each user will register on the phone which will then be saved in my external server/database . Then when they need to login - they will input the login details on the phone , which will query the esternal server/database and if validated - get their details from the server.
First, you need to decide which kind of server communication you'll need. it's in real time and constant? then you'll need a websocket. It's in bursts when you need to send or get data? then you'll need some kind of webservice (REST, RPC, SOAP). Then you have to evaluate the user load you'll have. And finally, the human resources you'll have.
Based on your question, I think a REST webservice will be more than enough. You may:
-Create a REST service for every group of related resources. Example: the /user URL should handle the signup, login, logout and user update operations.
-Create a method for each one of those operations and handle them. Then, call the method from the REST service class.
-Depending on the amount of users and the technology you're using, create a server to handle the requests, or upload your REST project to a server (tomcat, for example).
-Create an app and consume the REST services from there.
There are tons of tech you can choose for these things. PHP allows creating REST services, I think. Java is a very good choice too, since you can use the same code in both server and android apps. Node.Js is pretty popular, too, since you don't need servers and uses NIO (althought java can do both things using jetty and also has multithreading); golang and scala both have superb performance (golang is a lot more easier to learn, though, and it has no need to use external webservers).
Hope this helps.
For mobile applications the best will be REST (representational state transfer),becouse is lightweight and flex to use in other technology. I had project which include REST and mobile app and web app and it working very well.
In this scenario, we usually will build a REST API service for client end. As you are familiar with Laravel, you can refer to http://www.programmableweb.com/news/how-to-build-restful-apis-using-php-and-laravel/how-to/2014/08/13#apiu for how to build a REST API service with Laravel. Also you can leverage other light 3rd part PHP frameworks to build REST API service.
You can create and develop the application on local and then deploy to Azure Web Apps. Please refer to https://azure.microsoft.com/en-us/documentation/articles/app-service-web-php-get-started/ for more info.
And there several vendors provide MySQL services on Azure. ClearDB is a BaaS on Azure for MySQL. You also can use the VM to host your MySQL Service. E.G. MySQL by Bitnami and MySQL by Docker.
I want to create following project :
Server application hosted on Azure - it connects to databse via Entity framework and gives and API for anyone who want to connect (but with account stored in SQL database)
WPF application - it consumes server methods, objects etc.
Web app (php & javascript) - also consumes server methods and object etc.
IMPORTANT : I have only azure student's subscription and I want to hold onto it - buying anything else is out of the question unless it has strong argumentation.
I figured that to do this I have to create REST Web API because I have no other choice to connect to server than via HTTPWebRequest (because I want to have the same API for WPF nad web app).
My question is : does better solution exists?
I think I can create different API's for desktop client than web app but I have no idea how to do that. Whould you be so kindly to show me other way?
Why dont I want to have this solution?
Reason is simple. For big databases and slow internet connection it would take ages to download whole data in few seconds. As far as my knowledge goes there is no lazy loading in REST thus my WPF application's thread reponsible for downloading database would freeze for a big period of time.
If my question is too broad please leave a comment before you put up a flag.
Also, any tips regarding my project design are well appreciated.
Different APIs for Desktop and Web: this can be done easily enough. Assume you have a class library to contain your business logic (domain stuff). Create a web api project that makes use of it, then create yet another web api project separately that also makes use of the core models. When you deploy, deploy each separately to a different domain/subdomain (I'm unsure if you'll require further Azure resources for this, but consider api.desktop.myapp.com and api.web.myapp.com... no real technical reason why you can't do it that way, though for architecture reasons I'd avoid it (it's really coming close to if not definitely is duplication of code).
Same API for Desktop and Web: you stated that you thought you'd have to do this differently for the desktop and web, specifically because of the resource usage on the server. I disagree here, and think you should implement some standardized rate limiting into your API. Typically this is done by allowing only X amount of resources to be returned in a single call. If the initial request asks for more than X limit, an offset/nextID is returned by the API, and the client submits a new request noting that offset/nextID. This means you have subsequent calls from the client to get everything it needs, but gives your server a chance to handle it in smaller chunks (e.g., check for rate limits, throttling, load balancing, etc). See the leaky bucket algorithm for an implementation that I prefer, myself: https://en.wikipedia.org/wiki/Leaky_bucket)
So I've built a web app in PHP that relies heavily on a MySQL database. Now (for user convenience purposes) I'm trying to create the exact same app, just as an iPhone app. Granted, I have no knowledge of Objective-C (just starting to learn it), I wanted to know how to go about this. I know that I'll have to use some kind of intermediary to get Objective-C to connect to the SQL database.
So essentially my questions are: If I've already created the web app as aforementioned, could I use the same DB and tables for the iOS app version as I did for the PHP web version? Also, is there anyway to migrate any code I've created in PHP to iOS (I realize that they are two completely different languages), but I'm just curious as to whether or not I'll have to build the iOS app from 'complete' scratch.
Your best bet is to write an PHP service to talk to your database.
This way you can share this API between your app or iOS app or any other type of client app.
The service will be responsible to receive request query the database and send responses in JSON format for example.
So to make things easier, you should not query the database directly from your apps, use a common web service.
You can use your MySQL database for any purpose because it is just data. The code that will show them will be different though. If you have no knowledge about Objective-C you should consider the web-app approach.
Here are a few helper links.
https://developer.apple.com/library/safari/referencelibrary/gettingstarted/gs_iphonewebapp/_index.html
http://gigaom.com/2010/02/12/how-to-create-an-iphone-web-app/
I recently started to do development in the Haxe language with OpenFL (AS3 background).
But I have never worked on an app that communicates with a server - or never done any programming for servers for that matter!
I have to make a mobile app (for which I intend to use Haxe) where the new user creates an account on the server, and thus also interact withe other user accounts in a desired way.
So could someone guide me in the right direction to approach this situation? I'm guessing I will need to use PHP or ruby etc.
or can I use Haxe to program on the server? are there any good libraries that also provide security while making facility for user accounts? Is AWS or Google app engine something I can use?
check this simple but complete tutorial by filtreck
http://mromecki.fr/blog/post/haxite-writing-entire-website-using-haxe
You will want to create normal web pages that you can host on the server which will retrieve the needed information.
After having uploaded these, use a type of webview in the application to load the pages and retrieve this information.
You can write your server in Haxe if you want, and if you use a platform that supports it you could use TCP and haxe.remoting to pass data between the client and the server.
haxe.remoting is intended to make calling haxe function in a server from a client easier so that may be what you want.
If you don't feel confortable with using TCP you could do as Max wrote, just make some HTTP API (you can do this too in haxe) and do normal HTTP request from the client.
Here's the situation:
I have a web hosting which provides a MySQL database account, but connection only allows from localhost.
I'm considering to expose this MySQL through web interface, and extend the mysqli class so I can normally read/write to this database from another host.
Before doing this, I want to know if my solution is a good idea, and whether there already has such an open source solution to my situation?
Use Web Services. Web services are designed to provide an API so that one server can communicate with another server to access the resources of that server. The advantage of creating a Web service wrapper around your MySQL database is to avoid exposing the SQL layer to the broad Internet.
In general, by writing Web services, your application can only use the services that you've specifically chosen to expose. Additionally, many Web service frameworks offer authentication packages and validation that can help prevent malicious entities from illegally accessing or manipulating your data.
Finally, should you migrate to a different data source, you can maintain the same uniform interface between the application and the datasource, which eliminates the need to modify the PHP application.
However, by directly exposing your database to the Internet, you potentially expose yourself to data theft and data loss.
For more information on Web services, you could start with this Wiki Article on REST.
That's a lot of overhead and reimplementation work. Instead consider to open the MySQL server up for remote connections, using SSL and certificate authorization: http://dev.mysql.com/doc/refman/5.1/en/secure-basics.html
This allows you to expose the real mysqld server. You will need to use the most recent PHP version, as that adds SSL support in the PDO interface for example. http://www.php.net/manual/de/ref.pdo-mysql.php#103501 But I'd say that's still easier than crafting your own RPC interface and securing that.
And if you actually use Mysqli, then the SSL/cert support is already built-in: http://php.net/manual/en/mysqli.ssl-set.php
Here is a good place you can get started to creating an API.
First, you should evaluate the kind of data you want to share across your servers and see if you really need it.