douyanyan1123 2011-05-06 17:28
浏览 44
已采纳

在iOS中检索SQL数据

I'm currently writing an application for the iPhone, and I need to retrieve data from a MySQL database that is remotely hosted.

I have decided to use PHP to be my "middle man", retrieving the data from SQL, and parsing it to XML.

I will host the PHP file at the same domain as my MySQL server, and call to it in Objective-C. Example: http://backend.foobar.com/retrieve.php

My question is, are there any security issues retrieving information in this way?

I am not transmitting any sensitive data, I'm just thinking database integrity etc.

Thanks guys!

  • 写回答

1条回答 默认 最新

  • douzi2749 2011-05-06 17:34
    关注

    If it's just to retrieve data, then create a user in MySQL who only has SELECT privileges on the database/tables you'd be accessing remotely. That would preclude anyone doing some sql injection attacks and trying to drop or otherwise manipulate the database - they simply would not have the rights to make any changes.

    If your app needs read/write permissions, then you've got a lot of work to do - sanitization of inputs, proper query construction (eg. using PDO) to prevent injection attacks, etc...

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 安卓adb backup备份应用数据失败
  • ¥15 eclipse运行项目时遇到的问题
  • ¥15 关于#c##的问题:最近需要用CAT工具Trados进行一些开发
  • ¥15 南大pa1 小游戏没有界面,并且报了如下错误,尝试过换显卡驱动,但是好像不行
  • ¥15 没有证书,nginx怎么反向代理到只能接受https的公网网站
  • ¥50 成都蓉城足球俱乐部小程序抢票
  • ¥15 yolov7训练自己的数据集
  • ¥15 esp8266与51单片机连接问题(标签-单片机|关键词-串口)(相关搜索:51单片机|单片机|测试代码)
  • ¥15 电力市场出清matlab yalmip kkt 双层优化问题
  • ¥30 ros小车路径规划实现不了,如何解决?(操作系统-ubuntu)