Android Tutorial Remote Database Connector (RDC) - Connect to any remote DB

Status
Not open for further replies.
jRDC version 2 is available here: https://www.b4x.com/android/forum/t...ation-of-rdc-remote-database-connector.61801/

This tutorial covers a new framework named Remote Database Connector (RDC). The purpose of RDC is to make it simple to develop Android applications that interact with remote database servers.

There are two components in this framework: a lightweight Java web server (the middleware) and a B4A class named DBRequestManager that interacts with this web server.

The Java web server can connect to any database platform that provides a JDBC driver.

This includes: MySQL, SQL Server, Oracle, Sybase, DB2, postgreSQL, Firebird and many others.

You can also use the web server without a database server by connecting to a local SQLite database file.

The Java web-server is a simple server that connects to the database server and to the Android clients.
As this is a Java app you can run it on Linux or Windows computers. It requires Java JRE 6 or 7.

This solution is much more powerful than the PHP (MySQL) and ASP.Net (MS SQL) solutions that are already available.

Main advantages over previous solutions:
  • Support for many types of database platforms.
  • Significantly better performance.
  • SQL statements are configured in the server (safer).
  • Support for all types of statements, including batch statements.
  • Support for BLOBs.

Server Configuration

JDBC is a Java API that provides a standard method to access any database. A database driver (jar file) is required for each type of database. You will need to download the driver for your database and put it in the jdbc_driver folder.

The Java server configuration is saved in a file named config.properties.
This file includes two sections: general configuration and a list of SQL commands.

For example:

SS-2013-08-04_16.10.20.png


Note that the configuration fields are case sensitive.

DriverClass / JdbcUrl - The values of these two fields are specific to each database platform. You will usually find the specification together with the required driver jar file.

User / Password - Database user and password.

ServerPort - The Java server will listen to this provided port.

Debug - If Debug is set to true then the SQL commands list will be loaded on every request. This is useful during development as it allows you to modify the commands without restarting the server process.

SQL Commands - A list of commands. Each command starts with 'sql.'. The commands can include question marks (parameterised queries). Question marks will be replaced with the values provided by the Android clients. Note that the command name is case sensitive and it doesn't include the 'sql.' prefix.

Client Code
The client sends requests to the server. There are two types of requests: query requests (usually SELECT statements) and batch requests (any other statement).

Note that both the client and the server can manage multiple requests in parallel.
Usually you will only need a single DBRequestManager object.

Each request is made of a command (or a list of commands) and a tag. The tag can be any object you like. You can use it later when the result is ready. The tag is not sent to the server.

A command is an object of type DBCommand:
B4X:
Type DBCommand (Name As String, Parameters() As Object)
Name - The case sensitive command name as configured in the server configuration (without sql.).
Parameters - An array of objects that will be sent to the server and will replace the question marks in the command.

For example to send a SELECT request:
B4X:
Dim cmd As DBCommand
cmd.Initialize
cmd.Name = "select_animal"
cmd.Parameters = Array As Object("cat 1")
reqManager.ExecuteQuery(cmd, 0, "cat 1")
ExecuteQuery expects three parameters: the command, maximum number of rows to return or 0 if there is no limit and the tag value.

Under the hood DBRequestManager creates a HttpJob for each request. The job name is always "DBRequest".

You should handle the JobDone event in your activity or service:
B4X:
Sub JobDone(Job As HttpJob)
   If Job.Success = False Then
     Log("Error: " & Job.ErrorMessage)
   Else
     If Job.JobName = "DBRequest" Then
       Dim result As DBResult = reqManager.HandleJob(Job)
       If result.Tag = "cat 1" Then 'query tag
         For Each records() As Object In result.Rows
           Dim name As String = records(0) 'or records(result.Columns.Get("name"))
           Log(name)
         Next
       End If
     End If
   End If
   Job.Release
End Sub

As you can see in the above code, DBRequestManager.HandleJob method takes the Job and returns a DBResult object:
B4X:
Type DBResult (Tag As Object, Columns As Map, Rows As List)
Tag - The request tag.
Columns - A Map with the columns names as keys and the columns ordinals as values.
Rows - A list that holds an array of objects for each row in the result set.

Non-select commands are sent with ExecuteCommand (single command) or ExecuteBatch (any number of commands). It is significantly faster to send one request with multiple commands over multiple requests. Batch statements are executed in a single transaction. If one of the commands fail all the batch commands will be cancelled (roll-backed).

Note that for non-select requests, Rows field in the results will hold an array with a single int for each command. The int value is the number of affected rows (for each command separately).

Initializing DBRequestManager:
B4X:
Sub Activity_Create(FirstTime As Boolean)
   If FirstTime Then
     reqManager.Initialize(Me, "http://192.168.0.100:17178")
   End If
End Sub
The first parameter is the module that will handle the JobDone event.
The second parameter is the link to the Java server (with the port number).

DBRequestManager provides the following helper methods for common tasks related to BLOB fields: FileToBytes, ImageToBytes and BytesToImage.It also includes a method named PrintTable that prints DBTable objects to the logs.

Framework Setup
  1. Unpack the server zip file.
  2. You will need to download the driver for your database platform and copy the jar file to jdbc_driver folder.
  3. Edit config.properties as discussed above.
  4. Edit RunRLC.bat and set the path to java.exe. If you are running it on Linux then you need to create a similar script with the path to java. On Linux you should change the ';' separator to ':'.
  5. Run the server :)
    You should see something like:

    SS-2013-08-04_17.05.16.png


    Note that the path to config.properties is printed in the second line.
  6. Add an exception for the server port in your firewall.
  7. Try to access the server from the browser:

    SS-2013-08-04_17.06.17.png


    You will probably not see the above message on the first run :(. Instead you will need to check the server output and read the error message.
    If you are able to call the server from the local computer and not from other devices then it is a firewall issue.

Tips

  • MySQL driver is available here: http://dev.mysql.com/downloads/connector/j/
  • Google for <your database> JDBC Driver to find the required driver. For SQL Server you can use this open source project: http://jtds.sourceforge.net/
  • The server uses an open source project named c3p0 to manage the database connection pool. It can be configured if needed by modifying the c3p0.properties file.
  • Use a text editor such as Notepad++ to edit the properties file.
  • If you are running the server on Linux then you can run it with nohup to prevent the OS from killing the process when you log out.
  • Java doesn't need to be installed. You can just unpack the files.
The server is based on the two following open source projects:
Jetty - http://www.eclipse.org/jetty/
c3p0 - http://www.mchange.com/projects/c3p0/index.html
http://www.mchange.com/projects/c3p0/index.html
 
Last edited:

IlCasti

Active Member
Licensed User
Longtime User
Hi all
is there a way to create a table with parameters? something like that:

B4X:
sql.CreaTabella = CREATE TABLE ? (\
        Id_Versione INT NOT NULL AUTO_INCREMENT, \
        PRIMARY KEY (Id_Versione))

with

B4X:
Dim cmd As DBCommand
cmd.Initialize
cmd.Name = "CreaTabella"
cmd.Parameters = Array As Object("Versione")
reqManager.ExecuteCommand(cmd, "VersioneUpd")


Thank u
IlCasti
 

IlCasti

Active Member
Licensed User
Longtime User
Does RDC support Https connection for secure data transfer?
If i'm not wrong, i read in these thread posts, that http transfer are readable from expert user.
With this type of connection all should be trusted?
I can't test it cause i'm working in a local lan.

Thank you.
 

IlCasti

Active Member
Licensed User
Longtime User
RDC doesn't support https. You can however build a similar solution with B4J which does support https.

Are there any ways to workaround this "lack" or i have to build my own Https RDC through B4J?
I liked this method because i had to keep up to date the application queries
I never used B4J.. Some tips or link to start or other libraries that use Https?
Cause i am assuming that, even if, database user and database password stored on server is possible to create hack app to modify, insert and update database data throught my app connection.. is it?

This is what wireshark sniff
Anyone could translate?

B4X:
/* Frame (272 bytes) */
static const unsigned char pkt1[272] = {
0xac, 0x72, 0x89, 0x62, 0xb8, 0x49, 0x02, 0x1a, /* .r.b.I.. */
0x11, 0xfb, 0x1a, 0xde, 0x08, 0x00, 0x45, 0x00, /* ......E. */
0x01, 0x02, 0xf0, 0x6c, 0x40, 0x00, 0x40, 0x06, /* ...l@.@. */
0x71, 0x3e, 0xc0, 0xa8, 0x2b, 0x01, 0xc0, 0xa8, /* q>..+... */
0x2b, 0xf9, 0xc6, 0x0c, 0x0c, 0xeb, 0x2f, 0xe2, /* +...../. */
0xb2, 0xaf, 0x3a, 0x59, 0xcb, 0xe7, 0x80, 0x18, /* ..:Y.... */
0x1c, 0x84, 0x7b, 0x40, 0x00, 0x00, 0x01, 0x01, /* ..{@.... */
0x08, 0x0a, 0x13, 0x46, 0x4d, 0x62, 0x06, 0x24, /* ...FMb.$ */
0x3d, 0x74, 0x50, 0x4f, 0x53, 0x54, 0x20, 0x2f, /* =tPOST / */
0x3f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x3d, /* ?method= */
0x71, 0x75, 0x65, 0x72, 0x79, 0x20, 0x48, 0x54, /* query HT */
0x54, 0x50, 0x2f, 0x31, 0x2e, 0x31, 0x0d, 0x0a, /* TP/1.1.. */
0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x2d, /* Content- */
0x4c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x3a, 0x20, /* Length:  */
0x35, 0x34, 0x0d, 0x0a, 0x43, 0x6f, 0x6e, 0x74, /* 54..Cont */
0x65, 0x6e, 0x74, 0x2d, 0x54, 0x79, 0x70, 0x65, /* ent-Type */
0x3a, 0x20, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, /* : applic */
0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x78, 0x2d, /* ation/x- */
0x77, 0x77, 0x77, 0x2d, 0x66, 0x6f, 0x72, 0x6d, /* www-form */
0x2d, 0x75, 0x72, 0x6c, 0x65, 0x6e, 0x63, 0x6f, /* -urlenco */
0x64, 0x65, 0x64, 0x0d, 0x0a, 0x48, 0x6f, 0x73, /* ded..Hos */
0x74, 0x3a, 0x20, 0x31, 0x39, 0x32, 0x2e, 0x31, /* t: 192.1 */
0x36, 0x38, 0x2e, 0x34, 0x33, 0x2e, 0x32, 0x34, /* 68.43.24 */
0x39, 0x3a, 0x33, 0x33, 0x30, 0x37, 0x0d, 0x0a, /* 9:3307.. */
0x43, 0x6f, 0x6e, 0x6e, 0x65, 0x63, 0x74, 0x69, /* Connecti */
0x6f, 0x6e, 0x3a, 0x20, 0x4b, 0x65, 0x65, 0x70, /* on: Keep */
0x2d, 0x41, 0x6c, 0x69, 0x76, 0x65, 0x0d, 0x0a, /* -Alive.. */
0x0d, 0x0a, 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, /* ........ */
0x00, 0x00, 0x00, 0x00, 0x63, 0xb5, 0x4f, 0x4b, /* ....c.OK */
0x4b, 0x63, 0x64, 0x60, 0x60, 0xe0, 0x29, 0x4d, /* Kcd``.)M */
0xca, 0x8d, 0x2f, 0x4b, 0x2d, 0x2a, 0xce, 0xcc, /* ../K-*.. */
0xcf, 0x4b, 0x65, 0x80, 0x00, 0x46, 0xb0, 0x44, /* .Ke..F.D */
0x18, 0x54, 0xd0, 0x3d, 0x31, 0x37, 0x15, 0x00, /* .T.=17.. */
0x65, 0x07, 0xc6, 0xdb, 0x2f, 0x00, 0x00, 0x00  /* e.../... */
};

/* Frame (66 bytes) */
static const unsigned char pkt5[66] = {
0xac, 0x72, 0x89, 0x62, 0xb8, 0x49, 0x02, 0x1a, /* .r.b.I.. */
0x11, 0xfb, 0x1a, 0xde, 0x08, 0x00, 0x45, 0x00, /* ......E. */
0x00, 0x34, 0xf0, 0x6d, 0x40, 0x00, 0x40, 0x06, /* .4.m@.@. */
0x72, 0x0b, 0xc0, 0xa8, 0x2b, 0x01, 0xc0, 0xa8, /* r...+... */
0x2b, 0xf9, 0xc6, 0x0c, 0x0c, 0xeb, 0x2f, 0xe2, /* +...../. */
0xb3, 0x7d, 0x3a, 0x59, 0xcc, 0x45, 0x80, 0x10, /* .}:Y.E.. */
0x1c, 0x84, 0x17, 0xb4, 0x00, 0x00, 0x01, 0x01, /* ........ */
0x08, 0x0a, 0x13, 0x46, 0x4d, 0x63, 0x06, 0x24, /* ...FMc.$ */
0x46, 0x76                                      /* Fv */
};

/* Frame (66 bytes) */
static const unsigned char pkt6[66] = {
0xac, 0x72, 0x89, 0x62, 0xb8, 0x49, 0x02, 0x1a, /* .r.b.I.. */
0x11, 0xfb, 0x1a, 0xde, 0x08, 0x00, 0x45, 0x00, /* ......E. */
0x00, 0x34, 0xf0, 0x6e, 0x40, 0x00, 0x40, 0x06, /* .4.n@.@. */
0x72, 0x0a, 0xc0, 0xa8, 0x2b, 0x01, 0xc0, 0xa8, /* r...+... */
0x2b, 0xf9, 0xc6, 0x0c, 0x0c, 0xeb, 0x2f, 0xe2, /* +...../. */
0xb3, 0x7d, 0x3a, 0x59, 0xcc, 0x7c, 0x80, 0x10, /* .}:Y.|.. */
0x1c, 0x84, 0x17, 0x7d, 0x00, 0x00, 0x01, 0x01, /* ...}.... */
0x08, 0x0a, 0x13, 0x46, 0x4d, 0x63, 0x06, 0x24, /* ...FMc.$ */
0x46, 0x76                                      /* Fv */
};

/* Frame (66 bytes) */
static const unsigned char pkt7[66] = {
0xac, 0x72, 0x89, 0x62, 0xb8, 0x49, 0x02, 0x1a, /* .r.b.I.. */
0x11, 0xfb, 0x1a, 0xde, 0x08, 0x00, 0x45, 0x00, /* ......E. */
0x00, 0x34, 0xf0, 0x6f, 0x40, 0x00, 0x40, 0x06, /* .4.o@.@. */
0x72, 0x09, 0xc0, 0xa8, 0x2b, 0x01, 0xc0, 0xa8, /* r...+... */
0x2b, 0xf9, 0xc6, 0x0c, 0x0c, 0xeb, 0x2f, 0xe2, /* +...../. */
0xb3, 0x7d, 0x3a, 0x59, 0xcc, 0x81, 0x80, 0x10, /* .}:Y.... */
0x1c, 0x84, 0x17, 0x78, 0x00, 0x00, 0x01, 0x01, /* ...x.... */
0x08, 0x0a, 0x13, 0x46, 0x4d, 0x63, 0x06, 0x24, /* ...FMc.$ */
0x46, 0x76                                      /* Fv */
};

/* Frame (66 bytes) */
static const unsigned char pkt9[66] = {
0xac, 0x72, 0x89, 0x62, 0xb8, 0x49, 0x02, 0x1a, /* .r.b.I.. */
0x11, 0xfb, 0x1a, 0xde, 0x08, 0x00, 0x45, 0x00, /* ......E. */
0x00, 0x34, 0x68, 0x06, 0x00, 0x00, 0x29, 0x06, /* .4h...). */
0x4b, 0x9e, 0xad, 0xc2, 0x43, 0xbc, 0xc0, 0xa8, /* K...C... */
0x2b, 0xf9, 0x01, 0xbb, 0xc1, 0x65, 0x0a, 0x7f, /* +....e.. */
0x4a, 0x43, 0x87, 0xcd, 0xb9, 0x8b, 0x80, 0x10, /* JC...... */
0x01, 0x69, 0xbe, 0x46, 0x00, 0x00, 0x01, 0x01, /* .i.F.... */
0x05, 0x0a, 0x87, 0xcd, 0xb9, 0x8a, 0x87, 0xcd, /* ........ */
0xb9, 0x8b                                      /* .. */
};

/* Frame (54 bytes) */
static const unsigned char pkt17[54] = {
0xac, 0x72, 0x89, 0x62, 0xb8, 0x49, 0x02, 0x1a, /* .r.b.I.. */
0x11, 0xfb, 0x1a, 0xde, 0x08, 0x00, 0x45, 0x00, /* ......E. */
0x00, 0x28, 0x38, 0x0a, 0x00, 0x00, 0x32, 0x06, /* .(8...2. */
0x42, 0x4a, 0xad, 0xc2, 0x74, 0x18, 0xc0, 0xa8, /* BJ..t... */
0x2b, 0xf9, 0x01, 0xbb, 0xc1, 0x6d, 0x3c, 0xb7, /* +....m<. */
0xdf, 0x25, 0x15, 0x36, 0xfd, 0x39, 0x50, 0x10, /* .%.6.9P. */
0x01, 0x69, 0xae, 0x79, 0x00, 0x00              /* .i.y.. */
};

/* Frame (141 bytes) */
static const unsigned char pkt18[141] = {
0xac, 0x72, 0x89, 0x62, 0xb8, 0x49, 0x02, 0x1a, /* .r.b.I.. */
0x11, 0xfb, 0x1a, 0xde, 0x08, 0x00, 0x45, 0x00, /* ......E. */
0x00, 0x7f, 0x38, 0x0d, 0x00, 0x00, 0x32, 0x06, /* ..8...2. */
0x41, 0xf0, 0xad, 0xc2, 0x74, 0x18, 0xc0, 0xa8, /* A...t... */
0x2b, 0xf9, 0x01, 0xbb, 0xc1, 0x6d, 0x3c, 0xb7, /* +....m<. */
0xdf, 0x25, 0x15, 0x36, 0xfd, 0x39, 0x50, 0x18, /* .%.6.9P. */
0x01, 0x69, 0xce, 0xc9, 0x00, 0x00, 0x17, 0x03, /* .i...... */
0x03, 0x00, 0x52, 0x77, 0xb2, 0x1f, 0x2f, 0x36, /* ..Rw../6 */
0x87, 0xd1, 0xef, 0xa7, 0x2d, 0xa7, 0xb2, 0x32, /* ....-..2 */
0x9b, 0x38, 0x48, 0xbe, 0x6a, 0xb0, 0xeb, 0xfe, /* .8H.j... */
0x4d, 0x46, 0x3c, 0xf1, 0x06, 0x06, 0x6b, 0x96, /* MF<...k. */
0x1f, 0x71, 0xc4, 0x51, 0x06, 0x91, 0xf8, 0x8a, /* .q.Q.... */
0x88, 0xec, 0x87, 0x49, 0x7a, 0x71, 0x9a, 0xbc, /* ...Izq.. */
0x3d, 0xe1, 0x16, 0x6d, 0x09, 0x71, 0x4d, 0x71, /* =..m.qMq */
0xbe, 0xd0, 0xb4, 0x66, 0x72, 0xb9, 0xbc, 0x52, /* ...fr..R */
0x44, 0x50, 0x93, 0x91, 0x8e, 0x87, 0xa3, 0xcd, /* DP...... */
0x0a, 0x2c, 0xa1, 0xed, 0x84, 0xc8, 0xb5, 0xec, /* .,...... */
0x8c, 0x69, 0xf0, 0x8b, 0x40                    /* .i..@ */
};

/* Frame (127 bytes) */
static const unsigned char pkt19[127] = {
0xac, 0x72, 0x89, 0x62, 0xb8, 0x49, 0x02, 0x1a, /* .r.b.I.. */
0x11, 0xfb, 0x1a, 0xde, 0x08, 0x00, 0x45, 0x00, /* ......E. */
0x00, 0x71, 0x38, 0x0e, 0x00, 0x00, 0x32, 0x06, /* .q8...2. */
0x41, 0xfd, 0xad, 0xc2, 0x74, 0x18, 0xc0, 0xa8, /* A...t... */
0x2b, 0xf9, 0x01, 0xbb, 0xc1, 0x6d, 0x3c, 0xb7, /* +....m<. */
0xdf, 0x7c, 0x15, 0x36, 0xfd, 0x39, 0x50, 0x18, /* .|.6.9P. */
0x01, 0x69, 0xb8, 0x6f, 0x00, 0x00, 0x17, 0x03, /* .i.o.... */
0x03, 0x00, 0x44, 0x3e, 0xf9, 0xb6, 0x30, 0xb2, /* ..D>..0. */
0xea, 0xd4, 0x5f, 0x44, 0x23, 0x68, 0x99, 0xcc, /* .._D#h.. */
0x67, 0x02, 0x68, 0xcb, 0xcc, 0x9b, 0xe8, 0x15, /* g.h..... */
0x27, 0xc4, 0xdc, 0x3d, 0x9a, 0xb0, 0x5a, 0xfc, /* '..=..Z. */
0xc2, 0xf2, 0x9a, 0xaa, 0xee, 0x90, 0x7e, 0x72, /* ......~r */
0x3f, 0x36, 0x9e, 0x2b, 0xdb, 0x7c, 0xc1, 0xa4, /* ?6.+.|.. */
0x51, 0x49, 0x6a, 0x71, 0xcc, 0x57, 0xb5, 0x8d, /* QIjq.W.. */
0xb1, 0x1b, 0xe4, 0x9e, 0xca, 0x1d, 0x35, 0x37, /* ......57 */
0x72, 0x02, 0x11, 0x49, 0xf0, 0x1a, 0x5c        /* r..I..\ */
};

/* Frame (92 bytes) */
static const unsigned char pkt21[92] = {
0xac, 0x72, 0x89, 0x62, 0xb8, 0x49, 0x02, 0x1a, /* .r.b.I.. */
0x11, 0xfb, 0x1a, 0xde, 0x08, 0x00, 0x45, 0x00, /* ......E. */
0x00, 0x4e, 0x38, 0x0f, 0x00, 0x00, 0x32, 0x06, /* .N8...2. */
0x42, 0x1f, 0xad, 0xc2, 0x74, 0x18, 0xc0, 0xa8, /* B...t... */
0x2b, 0xf9, 0x01, 0xbb, 0xc1, 0x6d, 0x3c, 0xb7, /* +....m<. */
0xdf, 0xc5, 0x15, 0x36, 0xfd, 0x39, 0x50, 0x18, /* ...6.9P. */
0x01, 0x69, 0xa9, 0x49, 0x00, 0x00, 0x17, 0x03, /* .i.I.... */
0x03, 0x00, 0x21, 0xf5, 0x59, 0xc5, 0xf3, 0x82, /* ..!.Y... */
0xff, 0x53, 0xa2, 0x4e, 0x48, 0x40, 0x20, 0xfa, /* .S.NH@ . */
0xde, 0x21, 0x97, 0x83, 0x60, 0x06, 0x2e, 0x40, /* .!..`..@ */
0xd0, 0x60, 0x83, 0xae, 0xc0, 0x26, 0x6e, 0xba, /* .`...&n. */
0x0f, 0x46, 0xda, 0x21                          /* .F.! */
};

/* Frame (92 bytes) */
static const unsigned char pkt23[92] = {
0xac, 0x72, 0x89, 0x62, 0xb8, 0x49, 0x02, 0x1a, /* .r.b.I.. */
0x11, 0xfb, 0x1a, 0xde, 0x08, 0x00, 0x45, 0x00, /* ......E. */
0x00, 0x4e, 0x38, 0x7a, 0x00, 0x00, 0x32, 0x06, /* .N8z..2. */
0x41, 0xb4, 0xad, 0xc2, 0x74, 0x18, 0xc0, 0xa8, /* A...t... */
0x2b, 0xf9, 0x01, 0xbb, 0xc1, 0x6d, 0x3c, 0xb7, /* +....m<. */
0xdf, 0xeb, 0x15, 0x36, 0xfd, 0x5f, 0x50, 0x18, /* ...6._P. */
0x01, 0x69, 0x26, 0x40, 0x00, 0x00, 0x17, 0x03, /* .i&@.... */
0x03, 0x00, 0x21, 0x89, 0x64, 0x4d, 0xbc, 0x3b, /* ..!.dM.; */
0xed, 0xec, 0x5e, 0x35, 0x9f, 0x93, 0xd3, 0x10, /* ..^5.... */
0x50, 0x40, 0xe6, 0x51, 0xf6, 0x3a, 0x34, 0xdc, /* P@.Q.:4. */
0xbf, 0xaa, 0x81, 0xd6, 0x13, 0x1f, 0xe5, 0x00, /* ........ */
0x76, 0x21, 0x5a, 0xd7                          /* v!Z. */
};

/* Frame (54 bytes) */
static const unsigned char pkt25[54] = {
0xac, 0x72, 0x89, 0x62, 0xb8, 0x49, 0x02, 0x1a, /* .r.b.I.. */
0x11, 0xfb, 0x1a, 0xde, 0x08, 0x00, 0x45, 0x00, /* ......E. */
0x00, 0x28, 0x39, 0x46, 0x00, 0x00, 0x32, 0x06, /* .(9F..2. */
0x41, 0x0e, 0xad, 0xc2, 0x74, 0x18, 0xc0, 0xa8, /* A...t... */
0x2b, 0xf9, 0x01, 0xbb, 0xc1, 0x6d, 0x3c, 0xb7, /* +....m<. */
0xe0, 0x11, 0x15, 0x36, 0xfd, 0x85, 0x50, 0x10, /* ...6..P. */
0x01, 0x69, 0xad, 0x41, 0x00, 0x00              /* .i.A.. */
};

/* Frame (66 bytes) */
static const unsigned char pkt30[66] = {
0xac, 0x72, 0x89, 0x62, 0xb8, 0x49, 0x02, 0x1a, /* .r.b.I.. */
0x11, 0xfb, 0x1a, 0xde, 0x08, 0x00, 0x45, 0x00, /* ......E. */
0x00, 0x34, 0xcb, 0x32, 0x00, 0x00, 0x29, 0x06, /* .4.2..). */
0xe8, 0x71, 0xad, 0xc2, 0x43, 0xbc, 0xc0, 0xa8, /* .q..C... */
0x2b, 0xf9, 0x01, 0xbb, 0xc1, 0x65, 0x0a, 0x7f, /* +....e.. */
0x4a, 0x43, 0x87, 0xcd, 0xb9, 0x8b, 0x80, 0x10, /* JC...... */
0x01, 0x69, 0xbe, 0x46, 0x00, 0x00, 0x01, 0x01, /* .i.F.... */
0x05, 0x0a, 0x87, 0xcd, 0xb9, 0x8a, 0x87, 0xcd, /* ........ */
0xb9, 0x8b                                      /* .. */
};

/* Frame (66 bytes) */
static const unsigned char pkt33[66] = {
0xac, 0x72, 0x89, 0x62, 0xb8, 0x49, 0x02, 0x1a, /* .r.b.I.. */
0x11, 0xfb, 0x1a, 0xde, 0x08, 0x00, 0x45, 0x00, /* ......E. */
0x00, 0x34, 0x98, 0x1b, 0x00, 0x00, 0x32, 0x06, /* .4....2. */
0xe2, 0x2c, 0xad, 0xc2, 0x74, 0x18, 0xc0, 0xa8, /* .,..t... */
0x2b, 0xf9, 0x01, 0xbb, 0xc1, 0x6d, 0x3c, 0xb7, /* +....m<. */
0xe0, 0x11, 0x15, 0x36, 0xfd, 0x85, 0x80, 0x10, /* ...6.... */
0x01, 0x69, 0x51, 0xb3, 0x00, 0x00, 0x01, 0x01, /* .iQ..... */
0x05, 0x0a, 0x15, 0x36, 0xfd, 0x84, 0x15, 0x36, /* ...6...6 */
0xfd, 0x85                                      /* .. */
};
 
Last edited:

Erel

B4X founder
Staff member
Licensed User
Longtime User
Cause i am assuming that, even if, database user and database password stored on server is possible to create hack app to modify, insert and update database data throught my app connection.. is it?
This is not correct. It is not possible to send commands that are not configured in the configuration file.

The only difference between http and https is that with http someone with access to the connection can listen to the network traffic.
Https will not add any other protection.
 

PSEAD

Member
Licensed User
Longtime User
How easy will it be for someone to reverse engineer the apk and get the procedure names etc.?
Would it be better to make these names less descriptive?
 

PSEAD

Member
Licensed User
Longtime User
I will do that, Thanks.
I assume then that the "DBCommand" variable declared in the normal sub would not get obfuscated?
 

IlCasti

Active Member
Licensed User
Longtime User
This is not correct. It is not possible to send commands that are not configured in the configuration file.

The only difference between http and https is that with http someone with access to the connection can listen to the network traffic.
Https will not add any other protection.

So, with obfuscated method and with process global variables (including queries name and connection to server) all will be protected?
No one could be execute any kind of change in my db throught any app?

Thank you.
 

IlCasti

Active Member
Licensed User
Longtime User
The only thing that is certain is that without access to to the server (except from your app) it is not possible to send commands that are not preconfigured in your config file.

Obfuscation only makes it more difficult to reverse engineer your app.

Ok, So it should be better to mask connection string (or all) and use obfuscation to be more covered from malicious.
Thank you for your patience and exaustive answer
 

marcick

Well-Known Member
Licensed User
Longtime User
Hi Erel,
which is the best way to store the connection parameters ? (IP address and port) ?
 

marcick

Well-Known Member
Licensed User
Longtime User
HI,
decompiling class.dex of an obfuscated project, I see that the original string "192.192.192.192" declared in process_global becomes

public static String _process_globals() throws Exception {
_v6 = BA.__b(new byte[]{(byte) 56, Byte.MAX_VALUE, (byte) 71, (byte) -53, (byte) 51, (byte) 40, (byte) 73, (byte) -112, (byte) 36, (byte) 63, (byte) 65, (byte) -124, (byte) 110, (byte) 42, (byte) 8}, 194991);
return "";

So there is no way to decript it ?
 

achtrade

Active Member
Licensed User
Longtime User
how to implement this with RDC :

B4X:
Private P1="p1", P2="p2", P3="p3" as string


   If Job.Success Then
        Dim res As String
        res = Job.GetString
        Dim parser As JSONParser
        parser.Initialize(res)
        Select Job.JobName
            Case P1
                     SPResult = parser.NextArray 'returns a list with maps
                     For i = 0 To SPResult.Size - 1
                         Dim M As Map
                         M = SPResult.Get(i)
                     next
            Case P2
                      .....
            Case P3
                      .....
         End Select
    Else
        ToastMessageShow("internet Error: " & Job.ErrorMessage & " Job.JobName=" & Job.JobName, True)
    End If
    Job.Release


How to put the result in a Map, like the httputils ?
 
Last edited:
Status
Not open for further replies.
Top