I have written a swift function that retrieves the contents of a URL. I am passing variable with POST that use PHP to interact with a MySQL database. Unfortunately, after writing my application I have realized that this is very unsecure, as the POST variable can be easily intercepted. Is there a way to keep the existing code, but secure it enough that it cannot be exploited easily? I have heard of SSL certificates, however I have no idea how to go about applying them to this kind of interaction. I have also thought about encrypting the URL, however I cannot write a good encryption myself, therefore I would need to use a swift library to do it for me. Obviously the same library would not work in PHP do decrypt to interact with the database. If you have any way to secure this guy, please let me know! Thanks
Code:
let username = "bob"
let secretAccessKay = "123abc"
let myUrl = NSURL(string: "http://127.0.0.1/phpscript.php")
let request = NSMutableURLRequest(URL: myUrl!)
request.HTTPMethod = "POST"
let postString = "username=\(username)&secretAccessKey=\(secretAccessKey)"
request.HTTPBody = postString.dataUsingEncoding(NSUTF8StringEncoding)
let task = NSURLSession.sharedSession().dataTaskWithRequest(request) {
data, response, error in
dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_HIGH, 0)) {
let responseString = NSString(data: data!, encoding: NSUTF8StringEncoding)
if error != nil {
print("Error: \(error)")
}
dispatch_async(dispatch_get_main_queue()) {
self.testLabel.text = "\(responseString!)"
}
}
}
task.resume()