Secure way to get Info from a Database

  • (2 Pages)
  • +
  • 1
  • 2

20 Replies - 1315 Views - Last Post: 03 January 2016 - 04:11 PM Rate Topic: -----

#1 R4y0x  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 17
  • Joined: 25-December 15

Secure way to get Info from a Database

Posted 25 December 2015 - 10:50 AM

Hello dreamincode Members,

im pretty new to Databases and stuff but i couldnt find a Forum or someone who could tell me how i code and web Application that works as an Information Handler. So what im trying to do is i wanted to make a Application for my Clients which they use to login to theier accounts and to check data like theier current Coins etc. but its to risky to give them a application with Hard coded Password and usernames from my Databases so i figured out that its possible to create an web app that works as an information handler but my question is how do i code a web app that returns values to the clients app when the clients app asks for it, or if theier is an easier way to do this.

Thanks in advance.

Is This A Good Question/Topic? 0
  • +

Replies To: Secure way to get Info from a Database

#2 astonecipher  Icon User is offline

  • Senior Systems Engineer
  • member icon

Reputation: 2387
  • View blog
  • Posts: 9,604
  • Joined: 03-December 12

Re: Secure way to get Info from a Database

Posted 25 December 2015 - 11:58 AM

Create a new account for them and limit their permission level. It get clunky for someone new to databases, but you could make it where all they can do (permission level thing) is execute stored procedures that give them just the data you want to allow for.
Was This Post Helpful? 0
  • +
  • -

#3 R4y0x  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 17
  • Joined: 25-December 15

Re: Secure way to get Info from a Database

Posted 25 December 2015 - 01:40 PM

Okay Thanks alot i`ll try it right now :)
Was This Post Helpful? 0
  • +
  • -

#4 R4y0x  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 17
  • Joined: 25-December 15

Re: Secure way to get Info from a Database

Posted 25 December 2015 - 01:50 PM

So i coded it and it works but i have one question when i let all the clients execute the procedure over one account will this work without the clients login off eachother or do i have to create a new database user for every client ?
Was This Post Helpful? 0
  • +
  • -

#5 astonecipher  Icon User is offline

  • Senior Systems Engineer
  • member icon

Reputation: 2387
  • View blog
  • Posts: 9,604
  • Joined: 03-December 12

Re: Secure way to get Info from a Database

Posted 25 December 2015 - 01:55 PM

View PostR4y0x, on 25 December 2015 - 02:50 PM, said:

do i have to create a new database user for every client ?


God no. What language are you creating the app in? If you are looking for an audit trail, you can create a table that stores what clients are doing in the application and of course is tied to individual [user] accounts.

Most sites use a single db account to do everything. One account can have multiple connections.
Was This Post Helpful? 0
  • +
  • -

#6 R4y0x  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 17
  • Joined: 25-December 15

Re: Secure way to get Info from a Database

Posted 25 December 2015 - 02:03 PM

Im coding the App in Java.
Was This Post Helpful? 0
  • +
  • -

#7 Atli  Icon User is offline

  • Enhance Your Calm
  • member icon

Reputation: 4240
  • View blog
  • Posts: 7,216
  • Joined: 08-June 10

Re: Secure way to get Info from a Database

Posted 25 December 2015 - 11:10 PM

Creating a REST, or even SOAP, API in between your Java app and the Database would give you a lot more control than connecting directly to the DB. The Java app would never have to be aware of how the data is stored in the back-end, just how the API is structured to provide the needed data/functionality.

Of course, this will require you to essentially build another app - a web app - to server as your REST/SOAP API, probably in a different language than Java. (Java is not an ideal language for web dev, even though it's possible to do so.)

There is a lot of info out there about how to create REST/SOAP APIs in most popular web dev languages.

I personally work mostly in PHP now, and I could point to a couple of good libraries there I could recommend.
Other languages - like Python, .NET, Ruby, Node.js - also have a lot of SOAP related libraries available.

It's all just a Google search away.
Was This Post Helpful? 0
  • +
  • -

#8 R4y0x  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 17
  • Joined: 25-December 15

Re: Secure way to get Info from a Database

Posted 25 December 2015 - 11:50 PM

Wow, Thanks that helping me alot ill get right to it.
Was This Post Helpful? 0
  • +
  • -

#9 R4y0x  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 17
  • Joined: 25-December 15

Re: Secure way to get Info from a Database

Posted 26 December 2015 - 12:32 AM

So i tried somethings and look abit into it and my result rae that im quite confused so now i wanted to explain how i understood that so the Rest/Soap Apis are commonly written in php and are used to read data from a file or DB right ? But due to the fact that i am confused with all those tutorials i started to think if someone could tell me how to actually code that or provied me a link to a tutorial that explains it very good and simple cause all that i found made even more confused hen i was before...

Thanks in advance
Was This Post Helpful? 0
  • +
  • -

#10 Atli  Icon User is offline

  • Enhance Your Calm
  • member icon

Reputation: 4240
  • View blog
  • Posts: 7,216
  • Joined: 08-June 10

Re: Secure way to get Info from a Database

Posted 26 December 2015 - 12:57 AM

If you are a beginner, you need to learn the basics first. You can't jump on a new language or methodology and immediately start coding advanced concepts without understanding what goes into writing such code.

There is no "simple" way to explain how this works before you have the fundamentals down. My advice would be to start with some beginner tutorials for the language you've chosen and move on from there.
Was This Post Helpful? 1
  • +
  • -

#11 R4y0x  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 17
  • Joined: 25-December 15

Re: Secure way to get Info from a Database

Posted 26 December 2015 - 01:24 AM

so what lanuage would u advice for me or is the best to code a web app etc.
Was This Post Helpful? 0
  • +
  • -

#12 Atli  Icon User is offline

  • Enhance Your Calm
  • member icon

Reputation: 4240
  • View blog
  • Posts: 7,216
  • Joined: 08-June 10

Re: Secure way to get Info from a Database

Posted 26 December 2015 - 03:18 AM

If you're already a Java developer, then .NET (C#) or PHP would be familiar, syntax vise.

However Python is a very good starter language for web dev. That's the one I generally advice people to start with these days. The syntax is different, but very simple.


PHP used to be the go-to language for new web developers, but the risk there is that most PHP tutorials/articles/courses are severely outdated and often downright dangerous. You'll most likely end up learning some very bad habits if you start out with PHP. It takes some experience to learn to avoid those.
Was This Post Helpful? 0
  • +
  • -

#13 R4y0x  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 17
  • Joined: 25-December 15

Re: Secure way to get Info from a Database

Posted 26 December 2015 - 06:35 AM

During my time learn python i had a question coming up is it possible to make a web OAuth like the application sends the 2 Variables (User, Token) to the web app in a link like this :

http://www.test.com/...23423-4232-2344

and if the username and token match like in db the web app will send a boolean back to the clients app.
Was This Post Helpful? 0
  • +
  • -

#14 Atli  Icon User is offline

  • Enhance Your Calm
  • member icon

Reputation: 4240
  • View blog
  • Posts: 7,216
  • Joined: 08-June 10

Re: Secure way to get Info from a Database

Posted 26 December 2015 - 06:46 AM

Yea, of course it's possible. Using query parameters to generate content is the cornerstone of pretty much every single dynamic website ever made.
Was This Post Helpful? 0
  • +
  • -

#15 R4y0x  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 17
  • Joined: 25-December 15

Re: Secure way to get Info from a Database

Posted 26 December 2015 - 07:02 AM

how do those work or what do i haveto learn ? :D
Was This Post Helpful? 0
  • +
  • -

  • (2 Pages)
  • +
  • 1
  • 2