Alternate way to connect to remote database without Web api call?











up vote
-2
down vote

favorite












I have my Android app and a Database that is on a remote server.



So is making a rest API the only way to connect my app to my database.



Is there a way of just referencing the database connection string and running SQL in my app?
Like in web applications(i know raw SQL is not the best way to do things).



I am open to any suggestions at this point.



Note this is just for knowledge purposes










share|improve this question




















  • 1




    If this is possible, it will not be a good idea, as it leaves your database in. a vulnerable state. Some other cracker can decompile your app and find these strings and do a lot of funny things to your database.
    – Cool Guy CG
    Nov 12 at 9:22






  • 1




    I am open to any suggestions at this point. Don't do this. Build a layer in front of your database and don't expose anything of your database to the rest of the world.
    – ZUNJAE
    Nov 12 at 10:19















up vote
-2
down vote

favorite












I have my Android app and a Database that is on a remote server.



So is making a rest API the only way to connect my app to my database.



Is there a way of just referencing the database connection string and running SQL in my app?
Like in web applications(i know raw SQL is not the best way to do things).



I am open to any suggestions at this point.



Note this is just for knowledge purposes










share|improve this question




















  • 1




    If this is possible, it will not be a good idea, as it leaves your database in. a vulnerable state. Some other cracker can decompile your app and find these strings and do a lot of funny things to your database.
    – Cool Guy CG
    Nov 12 at 9:22






  • 1




    I am open to any suggestions at this point. Don't do this. Build a layer in front of your database and don't expose anything of your database to the rest of the world.
    – ZUNJAE
    Nov 12 at 10:19













up vote
-2
down vote

favorite









up vote
-2
down vote

favorite











I have my Android app and a Database that is on a remote server.



So is making a rest API the only way to connect my app to my database.



Is there a way of just referencing the database connection string and running SQL in my app?
Like in web applications(i know raw SQL is not the best way to do things).



I am open to any suggestions at this point.



Note this is just for knowledge purposes










share|improve this question















I have my Android app and a Database that is on a remote server.



So is making a rest API the only way to connect my app to my database.



Is there a way of just referencing the database connection string and running SQL in my app?
Like in web applications(i know raw SQL is not the best way to do things).



I am open to any suggestions at this point.



Note this is just for knowledge purposes







java android android-studio






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 12 at 11:26









Bsquare

2,23511029




2,23511029










asked Nov 12 at 8:59









Lego

409




409








  • 1




    If this is possible, it will not be a good idea, as it leaves your database in. a vulnerable state. Some other cracker can decompile your app and find these strings and do a lot of funny things to your database.
    – Cool Guy CG
    Nov 12 at 9:22






  • 1




    I am open to any suggestions at this point. Don't do this. Build a layer in front of your database and don't expose anything of your database to the rest of the world.
    – ZUNJAE
    Nov 12 at 10:19














  • 1




    If this is possible, it will not be a good idea, as it leaves your database in. a vulnerable state. Some other cracker can decompile your app and find these strings and do a lot of funny things to your database.
    – Cool Guy CG
    Nov 12 at 9:22






  • 1




    I am open to any suggestions at this point. Don't do this. Build a layer in front of your database and don't expose anything of your database to the rest of the world.
    – ZUNJAE
    Nov 12 at 10:19








1




1




If this is possible, it will not be a good idea, as it leaves your database in. a vulnerable state. Some other cracker can decompile your app and find these strings and do a lot of funny things to your database.
– Cool Guy CG
Nov 12 at 9:22




If this is possible, it will not be a good idea, as it leaves your database in. a vulnerable state. Some other cracker can decompile your app and find these strings and do a lot of funny things to your database.
– Cool Guy CG
Nov 12 at 9:22




1




1




I am open to any suggestions at this point. Don't do this. Build a layer in front of your database and don't expose anything of your database to the rest of the world.
– ZUNJAE
Nov 12 at 10:19




I am open to any suggestions at this point. Don't do this. Build a layer in front of your database and don't expose anything of your database to the rest of the world.
– ZUNJAE
Nov 12 at 10:19












3 Answers
3






active

oldest

votes

















up vote
0
down vote













Connecting directly to remote DB is completely insecure. This can lead to any hijacking to DB. Today we (Developers, Companies, ...) adding more and secure layers between SQL and clients to secure DB. The DB itself has actually no security when got access directly.
Please don't do it and don't search for way to do it.
Always we have to have at least one wall between client and SQL. This wall can be our own API or any BaaS, SaaS or services like FireBase that are more than an API.






share|improve this answer




























    up vote
    0
    down vote













    It is not safe connecting a remote daabse from android directly. It is better to use a webapi. The webapi (commonly a PHP script) which acts as a bridge between Android App and Remote Database. If you directly use remote database from android app, an hacker can reveal the usename and password of database by reverse engineering of the application. It you are using webapi. The PHP script is stored in secured web server. It cannot directly accessible to the user. So webapi is better form remoted database connection.






    share|improve this answer




























      up vote
      0
      down vote













      I guess another way to connect to your DB is using Socket, but you also need to implement supporting for soket calls on backend, but it's so fast)






      share|improve this answer





















      • cool..i dont want to use this for anything besides gaining some knowledge... thanks for the suggestion
        – Lego
        Nov 12 at 10:20











      Your Answer






      StackExchange.ifUsing("editor", function () {
      StackExchange.using("externalEditor", function () {
      StackExchange.using("snippets", function () {
      StackExchange.snippets.init();
      });
      });
      }, "code-snippets");

      StackExchange.ready(function() {
      var channelOptions = {
      tags: "".split(" "),
      id: "1"
      };
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function() {
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled) {
      StackExchange.using("snippets", function() {
      createEditor();
      });
      }
      else {
      createEditor();
      }
      });

      function createEditor() {
      StackExchange.prepareEditor({
      heartbeatType: 'answer',
      convertImagesToLinks: true,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: 10,
      bindNavPrevention: true,
      postfix: "",
      imageUploader: {
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      },
      onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      });


      }
      });














      draft saved

      draft discarded


















      StackExchange.ready(
      function () {
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53258744%2falternate-way-to-connect-to-remote-database-without-web-api-call%23new-answer', 'question_page');
      }
      );

      Post as a guest















      Required, but never shown

























      3 Answers
      3






      active

      oldest

      votes








      3 Answers
      3






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes








      up vote
      0
      down vote













      Connecting directly to remote DB is completely insecure. This can lead to any hijacking to DB. Today we (Developers, Companies, ...) adding more and secure layers between SQL and clients to secure DB. The DB itself has actually no security when got access directly.
      Please don't do it and don't search for way to do it.
      Always we have to have at least one wall between client and SQL. This wall can be our own API or any BaaS, SaaS or services like FireBase that are more than an API.






      share|improve this answer

























        up vote
        0
        down vote













        Connecting directly to remote DB is completely insecure. This can lead to any hijacking to DB. Today we (Developers, Companies, ...) adding more and secure layers between SQL and clients to secure DB. The DB itself has actually no security when got access directly.
        Please don't do it and don't search for way to do it.
        Always we have to have at least one wall between client and SQL. This wall can be our own API or any BaaS, SaaS or services like FireBase that are more than an API.






        share|improve this answer























          up vote
          0
          down vote










          up vote
          0
          down vote









          Connecting directly to remote DB is completely insecure. This can lead to any hijacking to DB. Today we (Developers, Companies, ...) adding more and secure layers between SQL and clients to secure DB. The DB itself has actually no security when got access directly.
          Please don't do it and don't search for way to do it.
          Always we have to have at least one wall between client and SQL. This wall can be our own API or any BaaS, SaaS or services like FireBase that are more than an API.






          share|improve this answer












          Connecting directly to remote DB is completely insecure. This can lead to any hijacking to DB. Today we (Developers, Companies, ...) adding more and secure layers between SQL and clients to secure DB. The DB itself has actually no security when got access directly.
          Please don't do it and don't search for way to do it.
          Always we have to have at least one wall between client and SQL. This wall can be our own API or any BaaS, SaaS or services like FireBase that are more than an API.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Nov 12 at 9:25









          Doctor Henry

          547414




          547414
























              up vote
              0
              down vote













              It is not safe connecting a remote daabse from android directly. It is better to use a webapi. The webapi (commonly a PHP script) which acts as a bridge between Android App and Remote Database. If you directly use remote database from android app, an hacker can reveal the usename and password of database by reverse engineering of the application. It you are using webapi. The PHP script is stored in secured web server. It cannot directly accessible to the user. So webapi is better form remoted database connection.






              share|improve this answer

























                up vote
                0
                down vote













                It is not safe connecting a remote daabse from android directly. It is better to use a webapi. The webapi (commonly a PHP script) which acts as a bridge between Android App and Remote Database. If you directly use remote database from android app, an hacker can reveal the usename and password of database by reverse engineering of the application. It you are using webapi. The PHP script is stored in secured web server. It cannot directly accessible to the user. So webapi is better form remoted database connection.






                share|improve this answer























                  up vote
                  0
                  down vote










                  up vote
                  0
                  down vote









                  It is not safe connecting a remote daabse from android directly. It is better to use a webapi. The webapi (commonly a PHP script) which acts as a bridge between Android App and Remote Database. If you directly use remote database from android app, an hacker can reveal the usename and password of database by reverse engineering of the application. It you are using webapi. The PHP script is stored in secured web server. It cannot directly accessible to the user. So webapi is better form remoted database connection.






                  share|improve this answer












                  It is not safe connecting a remote daabse from android directly. It is better to use a webapi. The webapi (commonly a PHP script) which acts as a bridge between Android App and Remote Database. If you directly use remote database from android app, an hacker can reveal the usename and password of database by reverse engineering of the application. It you are using webapi. The PHP script is stored in secured web server. It cannot directly accessible to the user. So webapi is better form remoted database connection.







                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered Nov 12 at 10:09









                  Riskhan

                  2,144113465




                  2,144113465






















                      up vote
                      0
                      down vote













                      I guess another way to connect to your DB is using Socket, but you also need to implement supporting for soket calls on backend, but it's so fast)






                      share|improve this answer





















                      • cool..i dont want to use this for anything besides gaining some knowledge... thanks for the suggestion
                        – Lego
                        Nov 12 at 10:20















                      up vote
                      0
                      down vote













                      I guess another way to connect to your DB is using Socket, but you also need to implement supporting for soket calls on backend, but it's so fast)






                      share|improve this answer





















                      • cool..i dont want to use this for anything besides gaining some knowledge... thanks for the suggestion
                        – Lego
                        Nov 12 at 10:20













                      up vote
                      0
                      down vote










                      up vote
                      0
                      down vote









                      I guess another way to connect to your DB is using Socket, but you also need to implement supporting for soket calls on backend, but it's so fast)






                      share|improve this answer












                      I guess another way to connect to your DB is using Socket, but you also need to implement supporting for soket calls on backend, but it's so fast)







                      share|improve this answer












                      share|improve this answer



                      share|improve this answer










                      answered Nov 12 at 10:09









                      Dmytro Pashko

                      1




                      1












                      • cool..i dont want to use this for anything besides gaining some knowledge... thanks for the suggestion
                        – Lego
                        Nov 12 at 10:20


















                      • cool..i dont want to use this for anything besides gaining some knowledge... thanks for the suggestion
                        – Lego
                        Nov 12 at 10:20
















                      cool..i dont want to use this for anything besides gaining some knowledge... thanks for the suggestion
                      – Lego
                      Nov 12 at 10:20




                      cool..i dont want to use this for anything besides gaining some knowledge... thanks for the suggestion
                      – Lego
                      Nov 12 at 10:20


















                      draft saved

                      draft discarded




















































                      Thanks for contributing an answer to Stack Overflow!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid



                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.


                      To learn more, see our tips on writing great answers.





                      Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


                      Please pay close attention to the following guidance:


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid



                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.


                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function () {
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53258744%2falternate-way-to-connect-to-remote-database-without-web-api-call%23new-answer', 'question_page');
                      }
                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      Popular posts from this blog

                      Bressuire

                      Vorschmack

                      Quarantine