I'm trying to use SQLite Databases, but as I'm learning (via the internet), I'm getting really confused and I have a few questions.
Where is the data actually stored? For example, let's say I want a database that stores all the usernames and all the passwords for everyone who uses my application. I need to write this information onto the database, but where is it? Is it on the user's phone? Is it on the web somewhere? Whenever the user goes onto the app, I need to read from the database. Does it read from somewhere online or does it only read from the database created on the user's phone? Is there any way to create a static database that all users are able to write to?
If I'm using a SQLite Database to store username and passwords, do I need to secure it with a password? If so, how? I've read on some websites that this information can easily be read if it isn't secured with a password, but others tell me that it can only be accessed by my application.
SQLite Databases are used where you need to store the data of particular user or save his usage or some data which is permanent. This DataBase resides in the Android device. If you want to save the user accounts (say username & password) this should be done in the server (backend) and should get the data by using service calls every time.
Ex: You have a comic book application for which the user has to signup / signin. Then you maintain the user account in the server. After signup / signin, when user downloads a book to read. Make that book stored in the SQLite Database in Android device, so that it will be available forever.
If you try to maintain user accounts in the SQLite DataBase, you cannot get data of all the users an store in one Android device. So global data should be on server and Local data should be stores in SQLite DataBase.
1)straight answer is: When u use SqLite database in android application, in the sense your application have sqliteDatabase, means when u download that application in to your device then all sqlite database data stored in device.
2) For password security u have to encrypt password and store in sqlite database.
Related
... or can I acess it remotely? If yes, where/how?
To illustrate my question with an example:
If I want to implement a login function and an user creates an account: will his login information only be stored on his phone? (So he can only login on his phone on nowhere else?) Or is it stored somewhere else?
I'm quite confused at the moment and wasn't able to find good ressources zu answer my question (maybe someone knows a good tutorial?)
Thank you in advance for your answers!
There are mainly 3 ways to store data in android:
With the shared preferences, you can save data locally. Its limit is that when you close your app the data are deleted.
With SQLite the limit of the shared preferences is overcome. You can save data into a binary file stored locally in your phone. For use it you have to write some specific java code and inside it write in SQL sintax. It is used for example to keep the highest score in single player game, or simply to let the app remember description, text, user inputs.
With Firebase you can save data in a not local way, data are stored in a server. You can use it for example for develop a social, a game that need to share data with more users, when you have a multiuser application.
This is a data file storage overview, it could be useful too.
For login data it's better to use share preference instead of SQLite. If you use SQLite or Room or share preference, data are saved locally and you can't access them remotely.
I'm trying to figure out an android app that stores user's data in a database on sdcard.
But I don't know if it's possible to have these too:
even if the user deletes the app, the db remains and the user can access it.
So later they can re-install and give the app the path to the db file. The app uses that file as a database again.
Something like WhatsApp db, but the user must have the database as a file on their phone so they can transfer and store it anywhere. The data is large so it's not a good idea to get a backup file.
Is it possible to create it with Room or SQLite? and reuse it again?
I'm a little confused as to how SQLite works in Android development. I know it can be used to store data but is this internal data only? It will write to a .db file on the phone which is just a test file. But say I insert a few records on my phone. When a different user logs in and views the database will they see the records I just inserted or are those records only going to display on my phone? If it's the latter what's the best way to have all the data be stored in a single database so all users can add / delete from the same pool of records? Would it be a web service callout to a cloud db like MySQL?
Also, extra credit question: if I'm making an iOS app that will need to read from the same database as the android app should I even consider SQLite or should I use something else?
I know it can be used to store data but is this internal data only?
Yes, if I understand what you mean by "internal data".
When a different user logs in and views the database will they see the records I just inserted or are those records only going to display on my phone?
Well, that depends entirely on what you mean by "logs in".
If you mean "a different user uses my phone, just by swiping to unlock", the phone cannot tell you apart from this other person, and therefore that user sees the same data that you do.
If you mean "a different user uses my phone, but I set up two user accounts on the phone, and that user has logged into my guest account", then that user will get a separate database (and separate everything: apps, etc.).
If you mean "a different user uses their phone, but uses the same app", then that user will get a separate database, because it is a separate device. This is not significantly different than the user having different word processing files on their computer compared to your computer.
From the standpoint of the Android SDK, the SQLite database is a file on the device.
If it's the latter what's the best way to have all the data be stored in a single database so all users can add / delete from the same pool of records? Would it be a web service callout to a cloud db like MySQL?
I would not consider MySQL to be a "cloud db", but, yes, your app could communicate with a Web service that stores its data in its own central database.
I'm new in android, I am developing web application by android studio.
When user open application, there is activity login. User need input ipaddress of server, username and password before access application.
What I want to know, Is it possible to save ippaddress and other data to something like SEASSON/Cookies Web in Android Studio? So user only need 1 time to input data, store it and ALL activity inside application will get that data everytime it needed.
Thankyou my friends.
If you want to keep the User's Login data locally, encrypt the values and store it in Shared Preferences or in SQLite Database.
I think storing it locally is the best option because it wouldn't require your app to make network calls every time user opens the app.
Here are my suggestions:
1. If you have a web service, encrypt and persist the values securely to your web service via a post
2. Encrypt and store the values in shared preferences
3. Encrypt and store the values in a sqlite data base on the device.
We have an Android application which stores its data in a local SQLite database; primarily for performance, but also to allow for working off-line (as we are often in areas with low signal).
At the moment, the data is stored in encrypted format (passed down from our web servers), but this in itself causes a performance issue, where for example, if we want to search records for a particular "surname", we need to decrypt ALL of the data, rather than using a straight SQL query, to include where surname='Smith'
We cannot (as it currently stands) store the data in a more friendly 'open-format', as it's possible to 'root' the device, take a copy of the MySQL database, open it and read the data.
Is there the means (perhaps someone can provide an example) to either password protect the local SQLite database or somehow apply encryption, so that we can (from an application perspective) have the database available in open format, but so that if any would-be hacker got hold of the device and rooted it ... they would have a hard time reading our data?
I have searched for a suitable solution and cannot find any options for the SQLite database, any 3rd party software or any examples of code that do this.
SqlCipher, this will might work in your case
Remote Storage:
Your data is sensitive and needs to be accessed by the user on the go from different devices. If your app is a good one then the above line will hold true.
Security + Remote access from any device says you maintain your dB on a remote server.
Your flow can be :
User login --> Token --> Auth Token in every call --> Process request and get/put data in/from dB
Local Storage:
Let's say that you only want to store data locally and don't want to store it on the server. For this you can use public-key cryptography
You can use a public Key in your app to encrypt the data and store it. Now, you want to access the data. Request the private key from the server and decrypt it.
Again, to get access to private key you should use some form of authorization (or anyone can access your key).
Without the private key, even if a hacker roots the phone and gets his/her hands on the dB, the data would be useless.