koobas.hobune.stream
Best Way To Store Credentials and Data Online?
I have been looking High and Low for a simplistic Answer for this and seem to come up empty
What I am Creating
An App for Android, iOS and a mobile website that must access the same data, be secure and speedy.
A user will need to access/create the following
User Name
Password
Personal Data Info(text based items)
Unique One Time
Activation Codes
Possible for thousands to need access at same time
What I THOUGHT would work a simplistic SQL database What I am learning about this approach A few other forums (will post links if I find them again) show that you can include system.data.sqllite witin a c# script by adding the reference and placing the dll within the asset folder. This seems like a decent approach except for two issues
I do not believe this will work for mobile devices on windows
Apparently this is not very secure - I saw multiple posts about how a .unity can be decompiled very easily and sql passwords can be revealed. I believe this is not the case when I compile the app as a apk on android or for ios but would like some more information on the best approach for security
I am open to any suggestions because at this point I am back at ground zero.
Is it best to create a plug in on android/ios and handle SQL somehow within the sdks?
Or should I handle the SQL within Unity a different way?
Is there other options besides SQL out there? (please note when I Say SQL i mean database if there is a different database system out their that would work better please let me know, however I do know that my server can successfully install a sql database and have had expeierance with this before)
I have used Text files for data storage online before and used HTTP download commands to grab the data, however this does not seem secure and since I will have multiple possible thousands of users accessing this data at the same time I need something that will allow for this
I am a software/graphics programmer and do not have much experience with database storage but once I understand where to look do not see that being a challenge
Thank you for you Help -
What we did for the iPhone game I worked on was this:
The iPhone connects to a webservice, and the webservice does stuff in the database. We went through Facebook, so the user put in their facebook login info, and the app got a token from Facebook, which it passed to the webservice. Then the webservice interacted with the database.
Sure, users can decompile and hit the webservice and adjust their scores themselves. But they can't mess with other peoples' accounts because they only get enough info to access the webservice, not the database itself.
This is why we only reported high scores for your friends, not the world. People are less likely to hack score tables if only their friends can see it.
Ok, I also have read something about an interface system between my system and the database, so I am starting to see the light on this... I have no experience with this type of set up, could you shed some more light on it?
Searching in the dark for 'webservice' I found this http://www.oracle.com/technetwork/articles/javase/index-137171.html not sure if that is really what I should be looking for or not
But any help would be greatly appreciated!
http://davidwalsh.name/web-service-php-mysql-xml-json
Here's an example webservice made with php and mysql. This might help you with the idea of how to structure it.
That oracle doc is good, but see also http://en.wikipedia.org/wiki/Webservice.
