John, The web script does not allow for open queries, it takes in the users username, password, and device id, and authenticates them with the server, before it then takes and executes a built in query on the script, using more POST data. If i store each persons information into different Tables, then the only thing that people can mess with is the information for which they have a password to modify. This is what i am currently using with PHP, and i see your point about embedding the SQL information in the app.
On Jan 22, 7:15 am, Mark Murphy <mmur...@commonsware.com> wrote: > On Sun, Jan 22, 2012 at 3:51 AM, Matt Clark <mrclark32...@gmail.com> wrote: > > Is there some kind of SQL library that i could > > just use insted of sending HTTP requests parsed by PHP files? > > That is not a good idea, for security reasons. That would mean that > your database is open for the script kiddies of the world to attack, > and that your database credentials are embedded in an APK for anyone > to extract. > > -- > Mark Murphy (a Commons > Guy)http://commonsware.com|http://github.com/commonsguyhttp://commonsware.com/blog|http://twitter.com/commonsguy > > Warescription: Three Android Books, Plus Updates, One Low Price! -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
