Android Question Encrypt a URL php link

[yiankos1]

Hello my friends,
I use at my code a URL php link that is connected to MySQL database at my server.

http://xxx.com/test.php?secret=password&id=add&name=test

If someone decompile (dex2jar) my app, he will see that link and the "secret" password and he can use it at bad way. What do you suggest me to do?

 

[Siam]

Hello,

i use this sub:

Sub crypt (job As String, data As String) As String
    Dim crypter As Crypter
    Dim crypted As String
    crypter.Initialize("a5d7g8s6a5a6s7d","2342571231")
    If job="crypt" Then
        crypted=crypter.encrypt(data)
     End If
    If job="decrypt" Then
         crypted=crypter.decrypt(data)
    End If
Return crypted

End Sub

to crypt and decrypt the server url this make it harder to find the right url.
but don't forget that a simple sniffer shows the decryptet url.
If you have the option to use a Secure https connection,
then i have mybe a small Library to Protect your app from a Man in The middle Attack.

i Think the better way is :
The other Way is that you build a Php Script who contains the secret Passwort and manage the connection to the MySql DB with this you can filter the the data from the connection.



andy

 

[yiankos1]

Thank you very much fro quick answer. I am little bit newbie at php script. Can you point somewhere in order to do it. Thank you for your time.

 

[Siam]

maybe this can help you :

https://www.b4x.com/android/forum/threads/connect-android-to-mysql-database-tutorial.8339/

 

[yiankos1]

Thank you very much for replies! I will try them! Have a nice day!