i create my first Android app that use local SQLite database for showing contents.
As you know any user can dump database from phone and see its structure and data.
Does exist any way to prevent database dump from Android phones?
I avoid that anynone can have a look at database data (and then copy it) using any SQLite explorer.
Thank you.
Using password in the connection string
Data Source=filename;Version=3;Password=myPassword;
Source: http://www.connectionstrings.com/sqlite
or encrypting (Search here for SO answers)
Related
I am not quite getting the idea of sqlite database. I am developing a hybrid mobile app using Ionic Framework and backend with PHP.
I referrred to this article for using the sqlite https://blog.nraboy.com/2014/11/use-sqlite-instead-local-storage-ionic-framework/
I have a few questions now,
1) So, anybody can create a table,insert and do any kind of operations? Is'nt there any need of a security method to access the DB like mysql?
2) Is a separate instance of Sqlite created for each application? Coz if not,I can make a guess for a tablename created by any other application and delete it all together,isn't it? I just dont get it?
1) SQLite is a file database so if you have access to file you have access to database and can do anything with it. What is the purpose of restricting access to db when you can just delete whole file? SQLite db file should be created in app private storage so no one have access to it only your app.
2) the answear is above. just create file in right place and everything will be fine :)
1) So, anybody can create a table,insert and do any kind of operations? Is'nt there any need of a security method to access the DB like mysql?
By default, each app db will store in their private folder(data/data/your_package_name/database and only that app or system app can access to it.
But if you choose to store your db in sdcard, anybody can mess up your db if they know the path to db file and have right to access it.
Other case is if your device is root, other apps can access your db too.
2) Is a separate instance of Sqlite created for each application? Coz if not,I can make a guess for a tablename created by any other application and delete it all together,isn't it? I just dont get it?
Like above, each app can choose where to store their db file, so basically, they a separate instance.
You can also create multi db file for one app if you like.
I need your help on SQLite database development, We have an application existing with 3rd party database which help us to store collected measurement data using Android Tablet.
For example : Time of recording, Latitude , Longitude.
These should be recorded in mobile and tablet devices.
I tried to get database schema through the DDMS file explorer but I do not see any .db file.
Usually these are stored under data/data.
Our intention is to create own SQLite database and this will support to store huge data.
In above scenario, how should I get 3rd party database schema ?
I have tried, but it doesn't gave me successful result with emulator and SQLite manager ?
In general how do i access db in real device?
If your database supposed to store some huge data, you should set your database on a server and connect to it from your application on the android-device via internet.
For this you have to know How to connect to a SQLite database and config the server's firewall to have access to the database using your app.
Follow these links :
http://www.codeproject.com/Articles/119293/Using-SQLite-Database-with-Android
http://www.vogella.com/tutorials/AndroidSQLite/article.html
I want to upload local sqlite database file at server but in sql format. Is it possible to directly save it in mysql supported format? The file is uploaded successfully on server but its just a flat file of sqlite db. When i open it in editplus or import it in phpmyadmin, it shows error. But when I manually export the database from sqlite manager in .sql extension, it successfully gets open in readable format in editplus. Please help me with this problem. Thanks in advance !
AFAIK you are talking about two completely different things.
Its like comparing a DB dump file to a properly exported file like an xml file with schema and data information from Oracle or MySql
When you export you get a file with or without .sql extension and it means a file with set of queries like DDL or DML create,insert etc. That may be sequentially run to execute all the commands in it and provide you with the right schema and data present in that file.
Whereas a DB file that is created via app is specific to the device and is an .sqlite file which is specific to sqlite browser and that may read it and not a set of queries only that you may open in edit-plus or a text editor.
Sqlite DB file that you find on your device is dynamically generated pages to maintain the integrity of the db.
For more info you must read,
Format of sqlite database
Sorry I don't have code but the idea is,
--Edit with algo--
Assuming you have the create commands for all tables and constraints with you , as they are not going to change most of the time.
You may use this function as a Utility to create and maintain the sql
command list for you parallel to the db you have.
void createExportCommands()
{
...
- Read all tables one by one using a `Cursor`
- Based on specific tables/columns create queries
i.e. String query="insert into "+your_table+" values("+cursor.getString(0),....+");";
- Write this data into a file called export_data.sql and keep updating it in background
}
Perhaps its not the best approach but it will solve your issue.
I'm new to programing for android and i'm still learning. So I have a question about the location of the SQLite database. Is it stored in the same file system as the application ?
And also i'm not sure can the database be created before the app is installed(can it come with the app) or can the database only be created from inside the app ?
And what if i wanted my app to come with a database that already has tables and records which is local and not on a server. Would that be possible ?
SQLite is available on every Android device. Using an SQLite database in Android does not require any database setup or administration.
You only have to define the SQL statements for creating and updating the database. Afterwards the database is automatically managed for you by the Android platform.
Access to an SQLite database involves accessing the filesystem. This can be slow. Therefore it is recommended to perform database operations asynchronously, for example inside the AsyncTask class.
If your application creates a database, this database is by default saved in the directory DATA/data/APP_NAME/databases/FILENAME.
The parts of the above directory are constructed based on the following rules. DATA is the path which the Environment.getDataDirectory() method returns. APP_NAME is your application name. FILENAME is the name you specify in your application code for the database.
You can also follow this tutorial for further understanding.
http://www.androidhive.info/2011/11/android-sqlite-database-tutorial/
Database is created after the app installation or after the db changes. The db is stored in /data/data/your_package/databases/
I want to only read data from the SQLite database. When I am creating database and reading it it is working but I have already a database created and I want to read data from this database.
I am pushing the database to the sdcard and trying to run the application but it is not reading form the database. I want to know that if install this .apk file in device then my database will also shift to the device or not.
Common practice is to store initial data on assets/raw folders of application resources. Then during 1st run just create DB using SQL scripts like:
create table if not exist
Fill DB with initial data - and here you're.