1

I have a phpmyadmin setup with dream host. Lets say for instance I wanted to retrieve user names and passwords from the database from android, how would I go about doing that? To access my database, I need the username and password for the database, so how can I connect through android without people being able to view the source code of my app and see the database credentials?

EDIT: A big misunderstanding I have is, where do I store the php webservice file? Not on the device, right?

Wyatt
  • 493
  • 7
  • 18

2 Answers2

3

You can connect directly to MySQL, but is not a good practice, specially for production apps. My advice is to use a Web service that will facilitate the connection.

Web services are services that are made available from a business's Web server for Web users or other Web-connected programs, in this case, your Android app.

Here is a great tutorial to get you started Android, MySQL and PHP

Nick
  • 1,032
  • 16
  • 27
  • You definitely can connect to MySQL directly through JDBC, though there are many problems with different versions. But it is possible. – Wukash Mar 27 '16 at 15:50
  • Possible, but not a good practice, specially for production apps. I'll update my answer. – Nick Mar 27 '16 at 15:53
  • I'm new to web/android development. I looked through the tutorial, and I still don't quiet understand the web service thing. Is the php file the web service? I am also still confused about where I store the database login credentials to pull information from it – Wyatt Mar 27 '16 at 16:09
  • Yes the php file will act as the webservice. You can store the database credentials on the php file, that way no one will be able to see them. – Nick Mar 27 '16 at 16:33
  • Where would the php file be stored? – Wyatt Mar 27 '16 at 18:00
  • @Nick G Also, if my application can retrieve information from the web service, can't anyone else do the same thing? How would that be secured? – Wyatt Mar 27 '16 at 19:37
  • The php file will be stored in your server. Regarding your second question, yes they can if they know the url. This is just a simple example to get you started, once you get going you can create additional layers of security, sending an Api Key via post, something like that. The best approach will be to use a PHP framework to create an API. I recommend SlimFramework, is pretty lightweight and you will be up and going in no time. – Nick Mar 28 '16 at 16:05
-1

Make a class to make an HTTP request to the server. For example (I am using JSON parsing to get the values): 

public class JSONfunctions {
      public static JSONObject getJSONfromURL(String url) {
        InputStream is = null;
        String result = "";
        JSONObject jArray = null;

        // Download JSON data from URL
        try {
            HttpClient httpclient = new DefaultHttpClient();
            HttpPost httppost = new HttpPost(url);
            HttpResponse response = httpclient.execute(httppost);
            HttpEntity entity = response.getEntity();
            is = entity.getContent();

        } catch (Exception e) {
            Log.e("log_tag", "Error in http connection " + e.toString());
        }

        // Convert response to string
        try {
            BufferedReader reader = new BufferedReader(new InputStreamReader(
                    is, "iso-8859-1"), 8);
            StringBuilder sb = new StringBuilder();
            String line = null;
            while ((line = reader.readLine()) != null) {
                sb.append(line + "\n");
            }
            is.close();
            result = sb.toString();
        } catch (Exception e) {
            Log.e("log_tag", "Error converting result " + e.toString());
        }

        try {
            jArray = new JSONObject(result);
        } catch (JSONException e) {
            Log.e("log_tag", "Error parsing data " + e.toString());
        }

        return jArray;
      }
    }

In your MainActivity, make an object with the class JsonFunctions and pass the URL from where you want to get the data as an argument. For example:

JSONObject jsonobject;
jsonobject = JSONfunctions.getJSONfromURL("http://YOUR_DATABASE_URL");

And then finally read the JSON tags and store the values in an ArrayList. Later, show them in a ListView if you want.

You might find an answer here Can an Android App connect directly to an online mysql database

Community
  • 1
  • 1
srccode
  • 721
  • 4
  • 16
  • 2
    An http connection? Really? Can't you find something more secure? Like https? – Tom Mar 27 '16 at 15:58
  • first let him try http then he can move to https – srccode Mar 27 '16 at 16:02
  • 1
    then I let you update your answer to emphasis how insecure it is to use http in that context, **because anybody on the network can stole his database password**. – Tom Mar 27 '16 at 16:05