How Secure is connecting to a MYSQL DB via Java for Android

Hi All,

Quick question. I have recently developed a website that enables people to post deals and offers directly onto the website through an android application. I have been told that I will need to develop an API as this assists with the overall security of the application.

However, I have thought wouldn’t it be easier for me to just develop the entire application in Java and connect to the MYSQL DB via the tools available.

I’d like to know just how secure is connecting to a MYSQL DB via Android?

If anyone has any experience of this I’d love to hear from you.

Entirely insecure, if you’re referring to opening a connection directly to the mysql process on a remote server.
You absolutely -must- have some server side processing between the app and the mysql database e.g a php script, to check the user submitted data is valid and to guard against malicious sql injection.

Hey East Coasts,

Thank you for your reply.

How would you go about doing that i.e. connecting to a PHP script in Java?? Is it a case of making Java read the file??

Yes use URLconnection and getdatastream. Java will read the response from the file, not the file content itself