So mysql works great when you log into your mysql database program on that device but what if you want to move the program to another device, the connected databases wont work...
Is there anyway to have the database somehow within the python file, so that when I move it to other devices it will act the same...Thank you!
Assuming you want to store some simple information, Sqlite3 does exact what you're looking for. This is a sql database that is entirely run on a file on the hardrive that the application is running from.
But be careful what you put in this database. This is not meant to be a high performance database, and will crumble if you stress it too much.
Yes, use a database external to the host. You can then use DNS or an ip address to access the mysql database as long as the new device has connectivity to the database. For mobile apps and mobile devices, build out an API on top of the data that you'd like to be able to access and then secure the API with appropriate credentials.
Related
Is there any way to convert an app written with kivy, python to use an online mysql database, this is usually straight forward for web apps written in python, how about desktop apps written in platforms like kivy and Tkinter that want to use an online mysql database for data sharing?
For this purpose you need a remote mysql server. A local mysql database will only take changes locally, within your computer, but a remote database, will accept data given to them from any device connected to it. There are paid and non paid websites that provide such hosting. Here are some free ones:
FreeMySQLHosting
RemoteMySQL
FreeSQLdatabase
db4free
What you should be looking for is "remote" mysql databases because some online database wont allow you to write to it.
Take a look at this answer for some explanation
I'm a noobie to Django and I'm almost at the stage of deploying a web server.
I was just having some doubts with Django's database. Currently I'm using the default sqlite3 database to store all the user models as well as the info models. I'm thinking of using AWS to deploy my web sever.
So when I get to that stage, should I continue with sqlite or should I switch to AWS's database or something like Firebase. If I continue with sqlite, where and how exactly will the information be stored? And what if I switch to something like PostgreSQL, where will the information be stored and will it be secure/fast (even if I manage to get thousands of users)?
Thanks so much, this question might be really basic but I'm super confused.
sqlite is a flat file database, it uses an exposed file in your project to save your data, this is fine in local environment, but when deploying you need to consider that the server and the database are in the same machine and using the same disk. that means if you accidentally remove the machine -and its disk space- used to serve the application, then the database itself will be deleted with all records.
Plus you will face problems if you tried to scale your servers, that is every server will have his own copy of the database and syncing all those files will be huge headache.
If your data is not that important then you can keep using sqlite, but if you are expecting high traffic and complex db structure, then I would recommend you consider a db engine like Mysql or maybe look up the databases offered by amazon here:
https://aws.amazon.com/products/databases/
For django, you will need to change the adapter when using a different db like mysql, sqlite or anything else.
https://docs.djangoproject.com/en/3.0/ref/databases/
That might be a very silly question, but how can I open a mongodb database?
Here is the setup: I have another computer where a bmongo database is continuously feeded by some python program (using pymongo). The dbpath of the mongodb database is on dropbox, so that I can access the data while on the go.
Problem: How can I open these data on my machine? I dont see which servers settings I should use.
Thanks!
I'm creating a pygtk app that needs a mysql connection from a remote db.
db = MySQLdb.connect("remotehost","username","password","databse", charset='utf8')
App is almost completed and going to be published. But the problem is, if anyone decompile this script they can easily read the above credentials and then there is a security issue. So how do I can protect this code or is there any way I can strongly compile this file?
Database connections are generally made from trusted computers inside a trusted network, for a variety of reasons:
As you've seen, the client needs to store access credentials to the DB.
Most of the time, such connections are made with no transport security (unencrypted), so any eavesdropper can observe and mangle requests/responses.
Latency in the path to the DB is usually a issue, so you want to minimize it, thus placing the client near to the DB
Violating this common practice means you'll have to deal with these problems.
It's very common to have a intermediary service using some other protocol (for example, HTTP/REST) to exposes an API that indirectly modifies the database. You keep the service on a host in your trusted computing base, and only that one host accesses the DB.
In this architecture, you can (and should) perform authentication and mandatory access control in the intermediary service. In turn, having different credentials for each client that accesses that service will help keep things secure.
If you can't rewrite your application at this point, you should follow patriciasz's suggestion on keeping the least priviledge possible. You may also be interested in techniques to make it harder (but not impossible) to obtain the credentials
There is no way to protect your code (compiled or not) from the owner of the machine it runs on.
In this case he will effectively have the same access restrictions your application's SQL user has.
There is no good way to protect your code, but you can use read_default_file options while using connect. The connection arguments will then be read form the file, specified with
read_default_file.
NOTE: This in no way is securing your username, password since anyone having access to the cnf file can get the information.
Build an interface between the database and the application. Only the interface will get true database access.
Give the app credentials to access the interface, and only the interface, then let the interface interact with the data base. This adds a second layer to boost security and helps to protect database integrity.
In the future develop with separate logic from the start. The app does not need to accesses the data base. Instead, it needs data from the database.
Also as a rule of database security avoid putting credentials on the client side. If you have n apps then n apps can access your data base, and controlling access points is a big part of database logic.
Separating program logic is the real deal, credentials don't need to reside on clients machine just as chip said
Say I have a database of recipes that I have online, and I want to use this database in a program, but I want to store the information from the database internally to the program and only have to connect to the online database when I want to update, however I don't want my end-users to have to have a database(MySql, MSSQL, etc..) installed to their machine. What would be the best way to efficiently do this?
sqlite is the most common way to use databases without a database server.