Retrieve Varaibles from PHP script

Discussion in 'iOS Programming' started by man2manno, Dec 9, 2010.

  1. man2manno macrumors member

    Joined:
    Mar 21, 2009
    #1
    Hey guys, does anybody know how to retrieve values of variables from a php script, that gets its values from a mysql database? I don't have a problem getting the values to the php script however, I can't seem to find a way to make a connection from the device to the script. I tried using NSURLConnection but I am still stuck. Any ideas? Thanks in advanced.
     
  2. zachsilvey macrumors 6502

    Joined:
    Feb 5, 2008
    Location:
    Battle Ground
    #2
    Why don't you just connect directly to the SQL server?
     
  3. ulbador macrumors 68000

    ulbador

    Joined:
    Feb 11, 2010
    #3
    There are a ton of reasons not to. Number one and of paramount importance is basic security. A DB server that is directly accessible from the Internet is vulnerable to a ton of different types of attack. I would always put some sort of application/api layer between an iPhone app and a database. At the very least, then it's impossible to directly access the database data; it would all be controlled via the parameters of the webapp.

    I actually had to throw together something VERY quick and dirty recently for a work project. I needed to have a webapp compatible iPhone app in 10 minutes. Here is a tidbit of the relevant code:

    Code:
    NSString *url =@"http://server.com/path/phpfile.php";
    	
    	
    	NSString *retData = [NSString stringWithContentsOfURL:[NSURL URLWithString:url] encoding:NSASCIIStringEncoding error:nil];
    	
    	NSArray *tokens = [retData componentsSeparatedByString:@"||||"];
    	
    	for (NSString *splitData in tokens) {
    		NSArray *moreTokens = [splitData componentsSeparatedByString:@";;;;"];
    		[myArray addObject:moreTokens];
    	}
    
    
    Basically, my script returned data in the form of:

    variablename;;;;value||||variablename;;;;value||||etc

    It was quick, dirty, does zero error checking, definitely not the prettiest, but very effective.
     
  4. man2manno thread starter macrumors member

    Joined:
    Mar 21, 2009
    #4
    Thank you very much, that actually looks exactly like what I was looking for but if you don't mind, you caught my attention when u mentioned the security of my application. You said I should have something there to help protect it...what should it be and why? Thanks a lot.
     
  5. ulbador, Dec 10, 2010
    Last edited: Dec 10, 2010

    ulbador macrumors 68000

    ulbador

    Joined:
    Feb 11, 2010
    #5
    Basically, you should always have some sort of application between you and a database. This means that you can only do what the applications allows you to.

    For example, if you are directly deleting records from a database, there is a good chance that you could delete the wrong rows through a proverbial "fat finger". On the other hand, if you build a web application that only allows you to delete the rows after you visually verify them, it provides another layer of security and protection. A database server should never be directly exposed to the Internet. Many of them lack SSL and other basic security features in their protocols. Also, many databases place the "burden of trust" on the application or person connecting.
     

Share This Page