How Secure is connecting to a MYSQL DB via Java for Android

**stu567blue** · Apr 29, 2012 13:56

Hi All,

Quick question. I have recently developed a website that enables people to post deals and offers directly onto the website through an android application. I have been told that I will need to develop an API as this assists with the overall security of the application.

However, I have thought wouldn't it be easier for me to just develop the entire application in Java and connect to the MYSQL DB via the tools available.

I'd like to know just how secure is connecting to a MYSQL DB via Android?

If anyone has any experience of this I'd love to hear from you.

**EastCoast** · Apr 29, 2012 16:01

Entirely insecure, if you're referring to opening a connection directly to the mysql process on a remote server.
You absolutely -must- have some server side processing between the app and the mysql database e.g a php script, to check the user submitted data is valid and to guard against malicious sql injection.

**stu567blue** · Apr 29, 2012 16:09

Hey East Coasts,

Thank you for your reply.

How would you go about doing that i.e. connecting to a PHP script in Java?? Is it a case of making Java read the file??

**EastCoast** · May 1, 2012 15:31

Yes use URLconnection and getdatastream. Java will read the response from the file, not the file content itself

User Tag List

Thread: How Secure is connecting to a MYSQL DB via Java for Android

Thread Tools

Display

How Secure is connecting to a MYSQL DB via Java for Android

Bookmarks

Bookmarks

Posting Permissions