koobas.hobune.stream
Unity5 to connect mySQL data base using C# - I need help
I need to know if is possible consultation in mysql data base using only unity script in C#?
I already did this consultation an turn, using unity4 and SQLServer, i put here script, an IP, an username, an password and data base name, and i not forget to get an dll "system.data" to using how library, and finaly i got this consultation. But now, I try to consultation in another data base, in mySQL, and i not know if is possible, and how i get it ? please help me.
PS1:I dont like the ideia it, for comunication with database Mysql, i need another script in another language of programation for get information in data base. I say this why, i read arround it, for got it, is necessary that an scrit in another language(for example PHP), whose function, is consultation in data base, to communicate to script C# in unity for works.
PS2: i'm brazilian, and my english is not one of the best, please try understand my question. In portuguese brazil it has been very hard to get more information in unity.
I appreciate any help, Thanks
Yes , I checked , but I'm not sure if it works in unity 5, and case give an error , I believe that would be difficult for me to indentificasse the error in the plugin or in my project . I've researched and managed to catch a $$anonymous$$ySQL dll, $$anonymous$$ySQLData.dll version 2.0 of .NET, and I believe her good work , however my host where the database does not seem to accept remote access, access an online database for the Unity would be remote access ?
For simple things you could use the WWWForms (See here ) and send & retrieve information from the Database via PHP Scripts.
This works for simple Data, that doesn't need to be secure and so on. There's also dotNet Connector for $$anonymous$$ysql that can do http tunneling. But I think using WWWForms is easier for simple communication with the server.
You'll probably need to read yourself into the topic "php & mysql", as you need to catch the data from the WWWForm, then validate it and send it to the Database. Sound's easy, but can be quite insecure if implemented wrong.
Yes , I managed to make the communication by PHP script work, the data I need are simple, but still have the issue of security , the WWW what alternatives I have about it? but in any case , thank you.
If you need help again let me know.
It seems you are quite new to Unity Answers. So just in case you didn't know:
If you find a Answer helpful, it would be very kind of you if you could accept it as an Answer.
If you Accept it, your Question gets marked Green, indicating that it was answered, so other peoples don't have to look through thousand of "unanswered" Questions, that are actually already answered.
If you don't know how to accept an answer, then you can look that up here. It's the check mark icon beside the Answer.
Regards $$anonymous$$ichael
(I think I did write it a bit unclear in the comment, so here's a full explanation)
WWWForms with a PHP Script Validating the Data is already the most secure way without a dedicated Server. You only need to run a few checks before your PHP Script writes into the Database.
Including a MYSQL Connector (like rlharper suggested) is over the top and even worse Security wise, because you should never ever let a Client directly talk to the Database. You'd need to do the Validation inside your Game and even leave the password to the database there. Believe me it's pretty easy to decompile any .Net Application. So basicly you would give your Database Password to anyone out there in the World.
Of Course that changes when using a Dedicated Server, that first Validates all inputs and then speaks to the Database, but again, that's a bit over the Top.
The only Problem with WWWForms is (and that's the same for all communication between Client and Server/Database):
You can't trust the Data that is sent by the User. They could simply intercept any Packages sent, modify it and send something completely different to your Database.
So what you would need to check in your PHP Scripts are at least the following things:
Use prepared Statements (MySqli)
Check the incoming Data for Characters that shouldn't be there, like ,.?!()^ and so on.
If you want to make it a bit harder for cheaters (for example if you are doing a Highscore List) then encrypt your data. Though if decompiled, one would still be able to change the Values sent.
(1) Prepared Statements are already a very good way to disallow injection of sql code. (See here)
(2) By striping dangerous Chars like the Question Mark (?) and so on, you minimize the danger of php injection. (See here). If the data doesn't need to be case sensitive, you could also cast all input to lowercase after removing the special chars (Just an easy additional Layer).
You might want to read yourself even more into PHP Security. But I think thats a good start.
You could try my approach, here at http://islesofdulst.com/iod/c-odbc/.
yes, it's something, I could access the database from C # direct Unity , however, I use an online hosting , and it seems that she does not accept remote access for security reasons , I still do not know for sure whether access the database by unity through C # would be remote access, but thank you , in a sense his approach gave me some sense beyond which I had done.
