Never, ever, ever do this. ;-) It's basically asking for someone to hack - and nuke - your database out from under you. You never want to connect to it remotely, and you never want to send SQL commands to it directly. Use an intermediate layer.
For example, have a server process that accepts incoming connections and [indirect] commands that will end up modifying the database. But that process is capable of doing a lot of security checks: - Logins + permissions - DOS attack checks - Ensure validity of actions - Much more... The 3rd one there is probably most important. Instead of having a remote app send direct SQL commands to a remotely hosted database, you create action commands that end up performing the correct SQL under-the-hood. This has *many* advantages: - Clients have no direct access to the database (which may hold the data for many clients) - You can change your data schema without a client ever knowing, and no application updates are required. - The data storage method is hidden from potential hackers. - Much more... Jeff M. On Wed, Aug 4, 2010 at 3:10 PM, Bob Sneidar <[email protected]> wrote: > Hi Jan. > > Is accessing your database directly from a remote location taboo? I'm > developing an app that does exactly that! > > Bob > > > _______________________________________________ use-revolution mailing list [email protected] Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-revolution
