2

I want to connect to MySql database through windows forms application. I will be inserting bulk data into my MySql database once in a day and thereafter will be inserting only what the user selects.

What is better:

1) direct connection to MySql database through c#

2) php files which takes json data and inserts the data

What now follows is only my strong love for a better approach. The geeks out there I want answer for this:

Which is a better practice, considering a) Security reasons b) Maintenance reasons c) Architecture reasons

Thanks in Advance!! Cheers!!!

Anirudha
  • 32,393
  • 7
  • 68
  • 89
tarun_tenniso
  • 214
  • 5
  • 20

1 Answers1

3

I think you should choose the second solution :

You will have to access remotely to your database. This is never a good idea to allow remote access to databases, for security reasons :

  • Databases can be subject to DDOS attacks
  • Password can be cracked by brute-force for example
  • Some vulnerabilities of the database software would be usable for hackers ...

Moreover, you would have to ensure that your C# app can communicate with database, means for MySQL that the port 3306 is opened on the machine that executes the app.

The best solution in your case will be to create some PHP webservices just beside your database. Your C# app will call these and send his data, PHP will handle inserts into database.

Advantages :

  • no security issues with your database, since it's only accessible locally.
  • only port 80 (or 443 if you work with SSL) has to be opened on the machine that executes your C#app

Disadvantage :

  • You will have a little delay between the user input and the database insert.
OlivierH
  • 3,875
  • 1
  • 19
  • 32
  • ya the delay part.... probably around 10000 records will be inserted daily. so through php it will be a bit slow thats what i guessed. but security as u mentioned always has to be given the first priority – tarun_tenniso Nov 27 '13 at 12:11
  • A bit slow not really, you don't necessarily have to make 10000 calls. You should be able to package your data to limit the number of calls. When I talk about delay, I don't mean hours but seconds, maybe minutes. – OlivierH Nov 27 '13 at 12:59
  • BTW, what you mean when you say that C# app should "be inserting only what the user selects.". What is the matter ? Does the user has to see what he "selected" ? – OlivierH Nov 27 '13 at 13:05
  • No he will select the from and to dates and the data betweeen these dates should be sent to server – tarun_tenniso Nov 27 '13 at 13:18
  • 1
    So the little delay I talked about won't be a problem ? If so, you can go this way, it works really well. I personally use SOAP webservices in order to do this : You work with classes you create PHP side, then generate your WSDL (web services descriptor) automatically with Zend Soap. You are now able to use your objects and methods directly in C# by using a Web Reference in which you give WSDL's URL. Really fast way to do it. See [this for SOAP PHP side](http://framework.zend.com/manual/2.2/en/modules/zend.soap.server.html), and [this for C#](http://stackoverflow.com/a/6634420/2806497). – OlivierH Nov 27 '13 at 13:22