Android Question Apps using MySQL: A Security Question

Mashiane

Mashiane

Expert
Licensed User
Longtime User
Hi there

What is the best way to securely include your connection details to an app that uses MySQL?

Whilst users will get registered on my app to use it, I have defined a main user that accesses the database and execute php commands using a single username and password and have included the connection details in the app.

On each of my php files I have also included the username and password details to login into the database. The thing is I want to avoid hacking perhaps via the app or via my php scripts though my webserver is not using https.

Any advise anyone?
 
Sort by date Sort by votes
KMatle

KMatle

Expert
Licensed User
Longtime User
First: NEVER EVER include any userid's, pw's or any other data in your app (can easily be read),

This is a nice source for php and MySql: https://www.binpress.com/tutorial/using-php-with-mysql-the-right-way/17

I use one php script for one app (entry). Don't trust any data you get. Check everything you get, filter it, etc. Use encryption and a login for every user (I use RSA plus AES in combination).
 
Upvote 0
You must log in or register to reply here.

Similar Threads

aeric
  • Article
Share My Creation [B4J] MySQL API Server (Key + Token) and [B4X] User Login Apps
2 3
Replies
42
Views
18K
pixet
pixet
Star-Dust
  • Article
B4J Library [B4X] [B4XLib] SD_SQL (direct access to MySQL, MariaDB, MS SQL, FireBird)
2 3
Replies
56
Views
18K
amorosik
amorosik
aeric
  • Article
Share My Creation User Login + MySQL PHP API
4 5 6
Replies
108
Views
36K
aeric
aeric
Erel
  • Locked
  • Article
B4A Library JdbcSQL - Directly connect to remote databases
2
Replies
23
Views
61K
Erel
Erel
JakeBullet70
  • Article
Share My Creation Erels [B4X] CloudKVS - synchronized key / value store - MySQL
Replies
12
Views
9K
janderkan
janderkan
Top