Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Why don't connect android to database directly?

Tags:

android

security

sql

sql-server

mysql

I see many people trying to connect an Android device directly in a database like SQL Server or MySql and the answers are always the same: Use a web service. Why not connect directly an Android device with a database? I'm using a local network with my Android application.

like image 818
Luiz Fernando Moratelli Avatar asked Nov 20 '12 11:11

Luiz Fernando Moratelli

People also ask

Can Android app connect to MySQL database?

This is very useful in case you have a webserver, and you want to access its data on your android application. MYSQL is used as a database at the webserver and PHP is used to fetch data from the database.

What database can be used with Android?

SQLite is a opensource SQL database that stores data to a text file on a device. Android comes in with built in SQLite database implementation.

Does SQL work on Android?

SQL Code Play is a mobile application for Android and iOS device. This having inbuilt editor, this SQLite editor is used to run sql queries and practice. Also, you can use this to learn SQL tutorial offline. It is very helpful for SQL developer to prepare their interview questions.

2 Answers

There are a number of reasons.

  1. Security- If the user has direct access, they can get anything from your database. Plus they will have a password into your database. As a result, if the SQL server you are using has a flaw, then they can exploit it. Also, if your permissions are set up wrong, the could wipe your database.
  2. Speed- If the users frequently use large queries, then it can bog down your system quickly and needlessly. If you go through a web interface, you can throttle it.
  3. Accessibility- Web queries are supported by almost everything. It requires special clients to access SQL databases directly.

But if you trust your users completely, have the right libraries/drivers, then you could allow direct querying, and it might even be a bit quicker.

like image 145
PearsonArtPhoto Avatar answered Sep 17 '22 11:09

PearsonArtPhoto

If your app connects directly to the database server you have to hardcode username / password which is very insecure. With some tools an attacker can decompile your apk and can access username / password in this way and can connect to your database with read (+write) access without using your app.

like image 35
Terel Avatar answered Sep 19 '22 11:09

Terel
Sign in to Comment

Related questions

Draw selector on top - for a basic linear layout?
Rectangle shape drawable won't show as checkbox selector item
Android/Java: Convert any string to color (hex)
List item becomes unclickable if contains a RatingBar?
How to flip ImageView in Android?
Android - Dynamic Spinner
Implementing extended/custom View throws NoSuchMethod for constructor
android:visibility attribute in preferences xml not working? (Android 2.3)
BigDecimal to the power of BigDecimal on Java/Android
phonegap Class not found at file:///android_asset/www/cordova-2.0.0.js:938
Disable/Delay Android Lock Screen Programmatically
HTML5 audio tag is not working in Android
whats the equivilent of getCheckedItemCount() for API level < 11?
getSupportFragmentManager() versus getFragmentManager() in android 3.0+
Can't load native shared library with dependencies in a native activity app
How do I determine why my Android app requires certain permissions?
Broken ... System Image for Android in SDK Manager
Post data to webview in android
How to convert from fraction formatted string to Decimal or Float in Java?
What happens if the Parse cloud data service fails?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!