Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am writing an application that needs to connect to a MySQL database on an external server. I need a “hard coded” string to connect to the database which contains user and password details. This is an issue when people can decompile my application to view almost exactly the code that I originally typed, which could give them direct access to my database.
Is there any way of preventing people from viewing these strings with code? I’d prefer not to use obfuscators.
Many thanks,
Steve
Rather than connecting directly to a database, you can send calls to a web service on your side, and the web service and redirect to the database as needed. This has the advantage that, in the event you need to change a connection string, you can redeploy your web service without affecting your client apps.