How do I implement a ContentProvider with a JSON file? My goal is wanting the contents of a json file (or the file itself) from one app to be transferred to another app. Android documentation says it can be done with BLOBs but I have no idea what that means, and all of their examples are referring to SQL databases, which my app doesn't use (all data is stored in one JSON file).
My goal is wanting the contents of a json file (or the file itself) from one app to be transferred to another app.
To literally do this, use openFile() on the ContentProvider side and openInputStream()/openOutputStream() on the ContentResolver (client) side.
However, I suspect that this is not an especially good idea. JSON is not a data storage model that will work will with multiple simultaneous accessors. IOW, when both apps try to work with the JSON at the same time, who wins and loses?
Also, what happens if the app hosting the JSON file is uninstalled? Now the other app has no more access to the data.
Related
I am developing an Android app that has a list, I would like this list to be synced between multiple users - can it be done with out server side?
Syncing data between your webserver and an android app requires a couple of different components on your android device.
Persistent Storage:
This is how your phone actually stores the data it receives from the webserver. One possible method for accomplishing this is writing your own custom ContentProvider backed by a Sqlite database.
A ContentProvider defines a consistent interface to interact with your stored data. It could also allow other applications to interact with your data if you wanted. Behind your ContentProvider could be a Sqlite database, a Cache, or any arbitrary storage mechanism.
While I would certainly recommend using a ContentProvider with a Sqlite database you could use any java based storage mechanism you wanted.
Data Interchange Format:
This is the format you use to send the data between your webserver and your android app. The two most popular formats these days are XML and JSON. When choosing your format, you should think about what sort of serialization libraries are available. I know off-hand that there's a fantastic library for json serialization called gson: http://code.google.com/p/google-gson/, although I'm sure similar libraries exist for XML.
Synchronization Service
You'll want some sort of asynchronous task which can get new data from your server and refresh the mobile content to reflect the content of the server. You'll also want to notify the server whenever you make local changes to content and want to reflect those changes. Android provides the SyncAdapter pattern as a way to easily solve this pattern. You'll need to register user accounts, and then Android will perform lots of magic for you, and allow you to automatically sync. Here's a good tutorial: http://www.c99.org/2010/01/23/writing-an-android-sync-provider-part-1/
As for how you identify if the records are the same, typically you'll create items with a unique id which you store both on the android device and the server. You can use that to make sure you're referring to the same reference. Furthermore, you can store column attributes like "updated_at" to make sure that you're always getting the freshest data, or you don't accidentally write over newly written data..
I want to create a sqlite database file in a web service, so I dont have to read a json in the android device and wait for it to read the json, convert it to an object and then insert it to the database.
When the json is huge, with a lot of data, that process its to long for be waiting in an android device.
I would like to generate the database file of sqlite in the webservice, so that, instead of returning the json, it returns the sqlite database, and in android, I just need to save the database, so that, it is ready to use.
That would save a lot of time!
SQLite have libraries for almost any kind of server side language.
SQLite db is just a file so after is created you shall compress is in a zip and use volley library to dl the file over http.
Decompress the zip and connect to it.
I have no idea about which kind of data and which amount you need to transfer but if the data is organised properly the processing should be so long. Also you have to take in consideration that using JSON you can "ask" to receive only updates (delta) and this is something that is not possible if you download all the db each time.
Update: for this kind a data I would go to a different approach. Use docs from google publishing api to upload every specific period of time the db in an extension pack for your app. so most of the dl'ing process is even before the "install" on the device itself. When the app is first running will contact your server and get the latest updates since the db was created (I suppose that even that is a week you are talking about less than a hundred rows)...
Implementing and managing remote or cloud databases in Android Applications is new to me. I am currently making an app that would take in thousands of "entries" to a form, think of it as an attendance app. Right now I've decided to use JSON as my database type and Parse as my BaaS. I need some tips on my decision.
I don't actually see JSON suitable for this because it is a "text" file that can easily be modified or if I somehow accidentally append an extra bracket it would render the whole database corrupt whereas SQL use queries like INSERT which I think is more secure. I just picked JSON because it works well with Parse. Do you think this is a good idea?
Another is what if the JSON file will accumulate tens of thousands of entries, how do you manage this huge database? Do you split it into several files (eg. every 1k entries make another JSON file) or is it enough to just dump all the data in that one JSON database file?
When using BaaS do you just sync the data in that server or do you also make backups of some sort (I don't really know how to put this)?
Thanks in advance!
JSON is not a database, but a data interchange format. You can have a database that uses JSON for communication, for internal representation, etc. but that does not make JSON a database in itself.
Parse itself manages the organization of the data. You communicate using JSON but don't have to care about how it's stored, updated, etc. internally.
So in your app, you should use SQLite for storing such amounts of information, or, depending on the app, just send it to the Parse server and execute the queries against it. You can see how it's done in the Parse Android documentation.
I want to know how safe it is to pack the database with the application in android. Can the database be easily accessed by the users? As the database that I have will have data which I dont want to be hacked by users for misuse, what is the best way to protect the database in mobile apps?
Also my application would use web service(contacting my own website) e.g. http:\www.mysite.com/services/xxx
My site will in turn return some data to the mobile app. If someone decompiles the java code(in apk), he will easily get access to the URL i am using for web service. How can i protect my data on website to be attacked by malicious users. If anyone gets to know the URL, he can simply type that URL in browser and get all data in json format which i dont want as that data can be quite sensitive. Even if I keep it encoded, then the user can get to know the encoding from the java code(which he gets after decompiling apk).
How to keep my DB safe from being misused?
If my application is to show the local places like restaurants, bars etc on mobile should i always fetch them from the website using web service or provide a local database with these details so that information can be fetched quickly. In this case , I can provide a UPDATE web servcie which will update the local database. But security of local DB is of great concern to me.
Can anyone please suggest where to keep the DB and how to safeguard it?
Rgds,
Sapan
Local databases and your apk file can be read by any rooted device easily. This tool can even decompile your resources as explained in this youtube tutorial (I never tried that myself actually).
So you would have to store your data encrypted in your database and decrypt it form your application code to be sure that noone can access it by simply getting the database form the data directory of his device.
You shouldn't put your sensitive data (like passwords etc) in the resource folder, because it can be decompiled, put it in your code.
Now some words to your JSON API. Hiding the URL is not enough, since the user can track your requests easily by a sniffer and get that anyway. You should provide a authentication mechanism to protect unauthorized access and also protect your communication by SSL. (E.g. using HTTP authentication - makes only sense when your server provides SSL.)
This are the things you should think about and decide yourself how sensitive your data actually is.
As far as I understand you're going to:
Pack initial DB in your APK file (say with res/asset folder)
During first run explode DB file from res/asset to application data folder
Then from to time fetch data into DB from website/webservice
In this case there are basically 2 vulnerabilities (stored data I mean):
Initial DB image, since it's packed with APK (which is in real life just ZIP archive), so anyone can unpack and see what's packed in your DB
DB file stored in application data folder (usually /data/data/MY_APPLICATION_PACKAGE/databases). This folder is accessible on rooted device, so again your data can easily be screened
The only option to be secured is to encrypt your database content. Easiest way to do it to store sensitive data in BLOBs (in form of XML of JSON) and encrypt/decrypt those BLOBs after/before actual usage of certain records.
Myself personally did it in my app - and it works well.
check this links for protecting your apk file for decompile
How to make apk Secure. Protecting from Decompile
Protecting Android apk to prevent decompilation, network sniffing etc
decompiling DEX into Java sourcecode
I have an Android application with a SQLite database from which I want to send some data to a webservice to store it in a database there.
How would I go about doing this? Is there a smart way of doing it?
I've thought about just extracting the data from the SQLite database and create an XML file to hold and then send the XML file to the webservice, but is there a easier/better way of doing this?
JSON is generally seen as a more efficient data format for transferring to and from mobile devices. Check out this post about how to do it. You will, of course, need a web service that can accept and interpret JSON objects.