Facebook in their user guide suggest to keep a key in values/strings.xml file. Have never seen such an approach before and it sounds odd for me. Is it something everybody use? I always thought is it better to keep such a data in config files.
It is perfectly alright to keep data like this in strings.xml. Make sure you keep it in the default /res/values/strings.xml and not in any other values folder which has qualifiers attached to it. It may not be available on all devices if you do that.
Keeping this kind of data in config files is also perfectly acceptable (and the one I personally use, more because I find it easier to edit a Java file with static variables than an XML file in Eclipse).
Keeping the data in strings.xml means having an additional step in accessing it, as you'll need to get it from the resources using an instance of Context. Putting it as a static field in a Java class will make it slightly easier to access.
Both methods work fine, and are used commonly. It is really upto your personal preferences to pick one.
Related
Right now they are just stored on a class called Globals as static fields.
I'm not the one who made the app, but I am considering putting them in localized strings.xml files, such as <string name="API_URL">http://someurl</string>. Is this good or bad practice?
UPDATE:
I chose the answer that I feel answers the question most comprehensibly.
But after some re-thinking, I have chosen a different solution alltogether.
Given that URLs are actually based on the country which the app should be distributed for, it doesn't make sense to switch them based on locale, as the URLs should stay the same regardless of the language on the phone.
Instead, I have implemented Gradle Flavors, which create different APKs based on different settings and such. It allows you to create variations of the same app with the small changes that you need. :) So now I have the URLs in a flavor-specific file.
Thank you to everyone who took their time to comment and help me.
I agree with puneet, it's neither good nor bad. It depends on what you are doing with the API Urls.
Are you going to append them later with user input? If so I would suggest you keep them as global variables that way you can modify the API URL programatically as needed.
If the API Url are complete and will not need to be appended then putting them in the strings.xml would be fine. Just remember that you would still have to create a local String variable in the java to hold the text from the API_URL in the string.xml, which seems inefficient if what you're aiming for is to write less code.
Neither good nor bad.If your concern is the security then none of them provide the security as decompilation is possible.
Isn't strings.xml is supposed to be used as a text storage for easing the translation of text in the app to other languages?
For example - Facebook app id according to facebook manuals is advised to be stored in strings.xml.
It means that if I want to share this file with 3-th parties for translation - I will have to manually remove all ids by myself, or share those ids with 3-th parties.
Isn't strings.xml is supposed to be used as a text storage for easing the translation of text in the app to other languages?
No. It's string storage for any kind of strings. Majority of use is localization related but it is perfectly fine to have anything that is string there like API keys, tokens whatever.
Please be aware that you are not limited to just strings.xml file. You can have as many *.xml files holding string resources as you like (so it's quite common to split localization per class/functional module and keep it in separate xml file).
You can create more then one strings.xml you could name it appids.xml and store all your ids inside this file. It is common software design pardigm to seperate data from code, so you won't just use a String constant for your id.
For Android best practices, Google is the source to go, for example they propose the usage of an appids.xml file here: Getting started with Play Games
Facebook might be using this simpler form of storing your id to make the tutorial easier to follow.
Basically it may happen that the ids that you're going to use inside your app may occur in multiple java class files. So by mistake there may be a chance that you mistype the id or secret key which will result in failure of result that you are expecting. As a good practice you should store such things in strings.xml which will help you minimizing the possibility of error in your result. Also if you change your id or key because of any reason then you might have to change that in each file where you've mentioned it. Instead of that if you just change it in strings.xml then it will automatically reflect at every instance where you've used it.
Going further, Android is open source. Thus any app that you create can be reverse engineered and all the code can be read. This leads to leakage of your id's and may be some secret keys for any api that you've used inside your app.
I have an android app that connects to a server at a static URL. I want to figure out where to put the url so that I can access it form my app.
The consensus seems to be that values/strings.xml is the way to go. However, I'm afraid that a single file for all of my static values could get unwieldy. Is there a way to use multiple different files for different types of strings (UI, internals, etc)? If I simply make different files, will android be smart about it and import them all? Is there an accepted canonical way of doing this?
Thanks!
Yes. You can provide many different XML files and name them the way you see fit. It's the resource qualifiers (the folder name) that matters.
Provide your string resource and you will be fine.
However, since your URI is static, I'd put them as a static final variable instead, in code. It will be easier to call it from places where supplying a Context may not be the best approach. And let's face it, there is probably no reason to make it a String resource and have to call it through the overhead of the resource system unless you need it in a XML layout, for example.
I know i can save strings in res/values/strings.xml but if someone disassembles the dex file or the apk file then he will be able to see HARDCODED strings or res/values/strings.xml strings.
Is there a way to store strings that wont be read if disassembled?
Briefly - no.
If you can decrypt/extract any string from your apk, potentially anyone with enough knowledge may look through your code and re-cosntruct the algorithm you use to extract those strings. And then extract them by herself.
Of course you may use some tricks to make it harder. What tricks can be used is actually up to you, Android doesn't provide any by default (AFAIK).
If you do not want the data to persist over application sessions, you can use SharedPreferences
In the case of a windows application(EXE/DLL), we can change or add language resources within the binary without re-compiling it. Can the same be done in case of an Android application? Is there any editor available to make this happen?
My plan is to develop the application in English and then release it to the sales department, where they will be responsible for the localization of the application without compiling and packaging it into a new APK. I just want to split the development part and localization part of the app.
The correct way to localize is to create a string resource for your base language and then have that localized and reimported into your project for every language that you support.
Much more detail can be found in the Localization documentation.
I don't believe there is a safe/supported way to inject localized strings into your app after it's been built.
No. You can not, because once your apk is signed then modifying it after this (you can always do that as apk is just a zip file) will corrupt the signed binary.
When having multiple languages with your application you have to build them into the application itself. Android uses XML files to store strings used within your application. Android allows you to add language localization files containing local specific strings. You can't do this without recompiling your project so you'll want to do it as a future update or right from the start. But you can't have the marketing department do it, that's just not a good idea.
As others have said, the short answer is no. The long(er) answer is sort of. If you pack all your language resources into remote XML that can be updated from the web, then with a little bit of forethought you can do all sorts of live updates to your app's strings, graphics, etc.
So if you want to use the standard R.string method for everything it will be a little difficult. I think it's possible to do something funky with a dynamic classloader for the assets and static dex classes (basically classes of data with just inline byte arrays that can be decoded after). However that would still require compiling. See Custom Class Loading in Dalvik for more info.
Another approach would be more of a standard Java implementation. Java has a class known as ResourceBundle. You could create a ResourceBundle from a property file (key-value plain text, or even property xml). Then these files could be loaded outside the apk, via a network connection or sdcard or other file type resource and deleted as necessary. You will have to write the loader code for it, but that's going to happen with any solution. This solution will be less performant and outside the standard design methods for android but it will solve the problem being asked to solve. Like you won't be able to use R.string or #string/whatever for any of these resources but I think you may be able to write an adapter to such resources (like your own TextView extension and whatever that would allow all of this). It's a matter mostly of how much work you want to invest in solving this actual problem.
Honestly I would opt for trying to distribute whole apks with only the targeted language if you are trying to save space, but then there is no way to change locale for the app at runtime :(