Bill Thanks for this. We were just discussing the same solution. I already have some php scripts I’m using for the HTML5 deployment of a LC stack as a portal to the same database.
The whole thing needs an overhaul. I’ve inherited this world of pain that has been 10-15years of amateur coding. A testament to LCs ease of learning for my client who had no coding background before. But, boy, is it a mess. The call to the server along with all the credentials had been copy pasted over 900 times inside 700 objects. That’s just counting each time it opens a connection to the database. Bonkers! I think we’ve got a plan of attack now and some light at the end of this very long tunnel. Let’s see how much speed I can get out of this chuff chuff in the tunnel. Sean Cole Pi Digital > On 16 Oct 2020, at 17:31, William Prothero via use-livecode > <use-livecode@lists.runrev.com> wrote: > > Sean: > You might find this download interesting, perhaps useful: > http://earthlearningsolutions.org/wp-content/uploads/2018/07/RemoteDbEncryption.livecode.zip > > <http://earthlearningsolutions.org/wp-content/uploads/2018/07/RemoteDbEncryption.livecode.zip> > > It is a demo of AES encryption that I use. The livecode app encrypts it, > sends to a php file, which decrypts it and posts to a mysql database. You > could even store the data encrypted if you want, but I like to access the db > with phpMyAdmin. > > Best, > Bill > > William A. Prothero > https://earthlearningsolutions.org > >> On Oct 16, 2020, at 2:51 AM, matthias rebbe via use-livecode >> <use-livecode@lists.runrev.com> wrote: >> >> Hi Sean, >> >> there was a discussion a few weeks ago with the topic "Strange behavior >> between Mysql, MariaDB and SSL." >> I am not sure if the information in that discussion will solve your problem. >> >> Another approach is the following. For security reasons we do not let >> communicat our LC apps directly with MySQL Databases, if the Database is >> hosted on a public server. >> >> We using a Livecode Server Script on the Webserver for doing the complete DB >> communication. >> Our standalones (Mobile and Desktop) send the requests (password encrypted >> string) either as POST or GET to the LC Server script. The script encrypts >> the request string and executes it. The return from the DB is then returned >> to our standalone. >> >> Another way would be to use an LC server api HostM is providing for free. >> https://www.hostm.com/tutorials/livecode/api-mariadb-mysql >> >> >> Regards, >> Matthias >> >> - >> Matthias Rebbe >> Life Is Too Short For Boring Code >> >>>> Am 16.10.2020 um 10:34 schrieb Pi Digital via use-livecode >>>> <use-livecode@lists.runrev.com>: >>> >>> Hi >>> >>> I’ve found myself out of my depth and in need of advice. >>> We have a cPanel webspace with mySQL running on a phpMyAdmin layer within >>> the cPanel setup. Communicating with it from LC has been a breeze. However, >>> doing a traffic scan we noticed that our queries and responses from the >>> database are completely visible. Obviously a high security risk. >>> >>> Using an ssl certificate set, how do I implement this? How do I get cPanel >>> to allow for it and get LC to make use of them when using revOpenDatabase? >>> I have the useSSL flag set to Boolean ‘true’. I’ve tried using the set >>> certificates pointing it at the three ssl files. But the data still is >>> fully readable as plaintext in both direction when checked by our traffic >>> scanner. >>> >>> Thanks >>> >>> Sean >>> >>> _______________________________________________ >>> use-livecode mailing list >>> use-livecode@lists.runrev.com >>> Please visit this url to subscribe, unsubscribe and manage your >>> subscription preferences: >>> http://lists.runrev.com/mailman/listinfo/use-livecode >> >> _______________________________________________ >> use-livecode mailing list >> use-livecode@lists.runrev.com >> Please visit this url to subscribe, unsubscribe and manage your subscription >> preferences: >> http://lists.runrev.com/mailman/listinfo/use-livecode > > _______________________________________________ > use-livecode mailing list > use-livecode@lists.runrev.com > Please visit this url to subscribe, unsubscribe and manage your subscription > preferences: > http://lists.runrev.com/mailman/listinfo/use-livecode _______________________________________________ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
