In my task i need to read and write the file in Raw folder. I did the first one to read the file from my project, Now i want to Write the same file. So it easy for me to make any update in that file.
On Seeing this How to write files to assets folder or raw folder in android?
I allow the user to set password ie writing the pass into the file then read the pass and validate if it matches. Is it possible to Write file in Raw Folder
Any data present in the "res" folder is not writable. You can only read data from it. You can never write data to res folder on the fly. If you are looking for a way to store username and password credentials, you can make use of Shared Prefrence
Here is an example on how to use it.
http://marakana.com/forums/android/examples/63.html
Edit 1
Storing data in Shared Preference is persistent unless user clears the data using "clear data" button in your settings page.Navigate to settings->manage apps->your app. Here you will be seeing uninstall button and clear data button. And one more thing in android is you will never be able to save a persistent data. You can't use any data storage methods like preference, sqlite or file system to store a data for permanent. If user wants to wipe the data he clicks on "Clear Data" button and your data are gone. So you have make your coding in such a way to handle this.
Since this is not possible, you could try to use your app's resources which is write protected and not possible to write to it. So it depends on user or you might have to use your server to store the data over there.
No,it's not possible to write file in raw folder
you should use shared prefrence for that.
http://samir-mangroliya.blogspot.in/p/android-shared-preferences.html
Yes, it cannot be done. Instead of trying to write in raw directory, Update your files in the local file system by using Shared Preferences as described in below link :
Please refer http://developer.android.com/guide/topics/data/data-storage.html#filesInternal.
Any data present in the "res" folder is not writable. You can only read data from it.
See this tutorial from the Android Dev site :
http://developer.android.com/training/basics/data-storage/files.html
String filename = "myfile";
String string = "Hello world!";
FileOutputStream outputStream;
try {
outputStream = openFileOutput(filename, Context.MODE_PRIVATE);
outputStream.write(string.getBytes());
outputStream.close();
} catch (Exception e) {
e.printStackTrace();
}
Related
I want to save Settings or Configuration of my Android Application in text Files. but i need to make sure my configuration is also removed when someone "clear data",
Can someone explain to me how and why?
It clears the App Data folder only, I.e \data\data{your-app-package}----
All the subsequent files are deleted which consists of pref files, db and other caches.
So it will depend upon where your file is created. You may use Device Explorer to be sure for ur file.
It depends where you are saving the configuration file.
If you are storing it in the app's internal storage, it will be cleared. And if you are saving it in the external storage, it will persist.
So if you want to make sure it is cleared when app data is cleared, then store the file in the internal storage using getFilesDir() instead of Environmennt.getExternalStorageDirectory()
It will remove the Android Data . Which represents by package name(\data\data\your-app-package}).
public File getCacheDir() {
return super.getCacheDir();
}
This Method returns the Dir. If you created a file or Directory Outside this Directory it will remain There even after Un-instalation.
I need to save some int and boolean for the setting, and for now i'm doing it with SharedPreference, I'd like to know if there are problems with this way, can i stay sure that those data won't be touched or lost? There are contraindications in using this way?
And now the real problem: i need to save some strings, that are basically something like... text description of some urls and the urls, but i don't really think that SharedPreference would work since i don't know how many those items can be, they may be 5, 8, 10, i don't know, those data will be downloaded via internet, so: how could i save them?
I'm not really good at Android programming, but i studied Java a lot of time ago, could i just save it as a file and parse it? I think I could create a Serializable wrapper class and write the items in a file but... is it really safe? users could edit those file or delete them, i think it maybe better if i could save them in some... "locked for app-only" folder, does something like that even exists? And if yes, how do i access it?
I highly recommend using Facebook Conceal. SharedPreferences can be modified by root user independently on used MODE, Conceal keychain file can not.
Conceal creates encrypted file that can be accessed only by the app and your settings are safe. Of course user can delete this file, but you cannot prevent deleting data, only modifying.
Very easy to use:
// Creates a new Crypto object with default implementations of
// a key chain as well as native library.
Crypto crypto = new Crypto(
new SharedPrefsBackedKeyChain(context),
new SystemNativeCryptoLibrary());
FileOutputStream fileStream = new FileOutputStream(file);
// Creates an output stream which encrypts the data as
// it is written to it and writes it out to the file.
OutputStream outputStream = crypto.getCipherOutputStream(
fileStream,
entity);
// Write plaintext to it.
outputStream.write(plainText);
outputStream.close();
Enjoy ;)
SharedPreference is based on a xml file stored in app folder. It's secure like write info on another xml file. It's mainly used for app configuration. For other kind of data, it's better to use database (SQLite) or in json (more performance than xml).
In android, you will use many concept you already studied on desktop version of Java. But the platform is quite differente, especially on performance point of view.
sharedPreferences is completely safe to use, plus the privacy you declare the class to instantiate, can be used only by your application and can also give permission for use by other applications giving property Context.MODE_PRIVATE. The only way anyone can see your settings is to be a root user and also that the user knows the route to follow to find the .XML on your preference, personally SharedPreferences is entirely feasible. Another way would be to use a SQLite database, but as a root user preferences can access your .DB and modify any database manager data such as navicat
In Android apps are like users in Linux system, each user has its own private space, the same goes for apps, each application has its own storage space, and that's where data related to an app will be.
By default SharedPreferences are stored in MODE_PRIVATE, so they will be accessed only by your app, no other external app would be able to access them. If you want to share some of your preferences you can choose other storage modes MODE_APPEND, MODE_WORLD_READABLE, and MODE_WORLD_WRITEABLE.
All that has been said about the MODE_PRIVATE is applicable in the case of a not Rooted device.
For more details on Android Security you can check these resources
I've faced one problem. I want to store a certain folder with media data here /data/data/com.package.name using Context.getExternalFilesDirs. But i want to hide the data from users. But everyone can get this files from /data/data/com.package.name folder. Even if the files are hidden, still people with rooted devices can access this data. So i need some way to encrypt or zip the folder to protect it. How can i protect the folder?
Can i use Zip with password? Is it safe?
I think it's not good practice to encrypt all binary files and decrypt them because it will take a lot of time.
There is no way to prevent user from accessing these files. If user wants them he or she can extract password from your app and decrypt zip archive.
When passwords are on your server then files can't be decrypted, but when your app downloads password to decrypt data then user can sniff that password.
If you want to store data that no one should ever access (e.g. passwords) I'm afraid that you should read about Security Through Obscurity
Basically when your application can decrypt data, advanced user can do it too.
For normal users (with non-rooted phone) storing files in /data/data/ are not accessible. But with rooted phone there is no way to stop users from getting what they want.
I found the solution. Very nice java library http://www.lingala.net/zip4j/
does the work: here is an example
public void unzipFile(){
String path= Environment.getExternalStorageDirectory().getAbsolutePath();
String source = path+"/Download/circus.zip";
String destination = path+"/Download/";
String password = "1234567";
try {
ZipFile zipFile = new ZipFile(source);
if (zipFile.isEncrypted()) {
zipFile.setPassword(password);
}
zipFile.extractAll(destination);
} catch (ZipException e) {
e.printStackTrace();
}
}
Okay, so I have this file system using serializer to save an arraylist into a JSON file. The JSON file is created in the code. If I turn off the power, the data and file is erased. So if I want the data saved and reloaded even when the android phone is restarted. Which way to save data is the best? Can we use a JSON file to do that?
You can save in a file into the sdcard or you can use the SharedPreferences. In fact the toString() of a JSONObject returns a String that represent the json itself
You can use SharedPreferences or saving it to external storage orsaving it to SQLliteDB
you can convert the JSONObject to a string and save by using one of the above methods.
for examples on using different storage options please refer Storage options
I have a dilemma, i need save some security data on my Android device, this data is login information to personal cabinet, so can you please, give me an advice where is better to save this info into simple txt file(but what about security?) or maybe is there analog of MySQL DB in Android platform(and how i can access it)?
The best way to store personal data in Android application is using shared preferences with mode private, so that nobody can access that data other than your application.
for more details see Android developers tips about shared preferences here.
AFAIK you cannot run MySQL on a android device but you can use SQLite (tutorial). You could even try using SQLCipher to store it in a encrypted database. Although I'm told it's not too hard to extract the access key from your APK.
When you store you password, make sure you encrypt it (even if you are encrypting the database). Storing passwords as plain text is rarely a good idea ;)
Whatever you do, do NOT store it in a text file!
You can save the simple txt file into your application directory. In General, Android assigns each application a unique uid. Each application has its own application directory with mode 660. So other application cannot access its content. To write your own application directory, you can use the following code:
String filename = "myfile";
String string = "Your security content";
FileOutputStream outputStream;
try {
outputStream = openFileOutput(filename, Context.MODE_PRIVATE);
string = encrypt(string);
outputStream.write(string.getBytes());
outputStream.close();
} catch (Exception e) {
e.printStackTrace();
}
However, if the target device is a rooted device, other application can access your file. So a better approach is to encrypt your data, and save it into the application directory.
For a database approach, it has the same problem, you can define your own content provider without exporting it out, but it is still vulnerable on a rooted device. So whatever you choose, writing txt file or storing it on DB, encrypt it first is necessary.
You could store the details in the SQLdb on android but save all the form details using encryption and just persist the strings.
You can see in the answer below an example of someone doing this exact same technique and using the phoneId for the encryption (although I'm not sure how safe that really is).
Is it safe to store username + passwords in a local SQLite db in Android?