|
I have a domain address and host
I don't want to have a site and I just want to have a server to put some data there
There are
1 - public-html folder where the index of a site could be placed in
2 - non public-html folder where the important files from security point of view are placed in
I put the data in non public-html
In public-html, I just put a php file called file1 which includes another php file called file2 which is placed in non public-html
file2 is responsible for uploads of the data to the non public-html and also some images and json files in public-html folder
But I don't want to have any index file that a site needs
Regarding security issues on server, what are the vulnerabilities of utilizing this type of file system instead of SQLite?
Do I use SQLite or I use encrypted json files in non public-html place of the server?
In other words, can I forget SQlite and use this type of file system management or it is dangerous or unsafe compared to SQLite for any reason ?
Example:
Imagine I want to register username and passwords of some users
User name is phone number of the user
I can create the following folders to register or retrieve the username and password of the users quickly:
1 - folder of international code
2 - folder of the first 3 digit
3 - folder of the next 2 digit
4 - the json file which the phone number is registered there
for example if the phone number is +518203040, we have the following folders:
1 - 51
2 - 820
3 - 30
4 - file1.json which the phone number is registered in
for encryption I totally make a different and vague json file which is not readable except that you have the key for decryption
Thanks in advance
|
|
|
|
|
First point, do not use encryption for passwords, it is potentially insecure. Use proper hashing as described in Secure Password Authentication Explained Simply[^]. If you do it properly then you can store it in SQLite, or any other type of database.
|
|
|
|
|
Thank for the article
I read the article but I still don't get from security point of view why a hash and salt should be created and saved beside password
It seems in this way we can ask user to enter any letter of interest as article specifies
From security point of view it seems useless
I mean an attacker just attempts to send username and password just like the original user who has forgotten his/her password
Can you please explain that for me?
|
|
|
|
|
You do not save the hash beside the password. The key to password security is that you never store passwords, either in clear text or encrypted. Both types can be hacked. You create a hash from a salt value and the password, and store the hash value in the database. When someone enters their password to login you recreate the hash from the entered password and saved salt value and compare with the stored hash. Hash values cannot (in general) be used to recreate the original data so are the most secure types for security.
|
|
|
|
|
Ok thanks, I got the point
In fact, It is not for protecting the database against brute force attack but It is protecting some other attacks
If somehow attacker reaches to the database, he/she can't access the passwords
I'm too worried about attacks, can I trust the server administrator for not deleting or editing a file from the server ?
|
|
|
|
|
AndroidVH wrote: can I trust the server administrator We could not possibly answer that. You need to check what service they are providing, and what guarantees they make.
|
|
|
|
|
|
Can you help me by providing online guideline for android mobile development?
|
|
|
|
|
Now see present mobile apps it will be use normally for the people
but we need some thing new like it will use for governament
it means we need to insert bomb hacking software in the mobile
* it is use to save the peoples from the danger
* it is use to cause less damage
so this is my suggestion
|
|
|
|
|
See here.
"One man's wage rise is another man's price increase." - Harold Wilson
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
"You can easily judge the character of a man by how he treats those who can do nothing for him." - James D. Miles
|
|
|
|
|
I need to clear some of my doubts regarding mvp and mvvm design pattern
1) In mvp and mvvm who updates the view .The presenter/view-model set the data to be displayed in the view or the view retrieve the data from presenter/view-model and display it
2) How both presenter and view-model differ from each other. "The MVVM uses databinding to update the view whereas the presenter uses traditional methods to update the view". Is it?
|
|
|
|
|
Researching for days and found lots of code using casting from TextView and doing :
textView.setMovementMethod(LinkMovementMethod.getInstance());
but I want to take the text from EditText object then append html formated text to the fetched EditText entry like this:
String result = getResources().getString(R.string.my_html);
String strMsg=message.getText().toString();
String msg=strMsg + " "+ result;
String phoneNumber=phone.getText().toString();
How can I make a blend of regular text and html hyperlink?
My java code:
public class ExumaActivity extends AppCompatActivity {
private final static int SEND_SMS_PERMISSION_REQUEST_CODE=111;
private Button sendMessage;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_exuma);
Bundle extras=getIntent().getExtras();
sendMessage=(Button) findViewById(R.id.send_message);
final EditText phone=(EditText)findViewById(R.id.phone_no);
sendMessage.setEnabled(false);
if(checkPermission(Manifest.permission.SEND_SMS)){
sendMessage.setEnabled(true);
}else{
ActivityCompat.requestPermissions(this,new String[] {Manifest.permission.SEND_SMS},SEND_SMS_PERMISSION_REQUEST_CODE);
}
sendMessage.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
final EditText message=(EditText)findViewById(R.id.message);
String result = getResources().getString(R.string.my_html);
String strMsg=message.getText().toString();
String msg=strMsg + " "+ result;
String phoneNumber=phone.getText().toString();
if(!TextUtils.isEmpty(msg) && !TextUtils.isEmpty(phoneNumber)){
if(checkPermission(Manifest.permission.SEND_SMS)){
SmsManager smsManager= SmsManager.getDefault();
smsManager.sendTextMessage(phoneNumber ,null,msg,null,null);
}else{
Toast.makeText(ExumaActivity.this,"Permission Denied",Toast.LENGTH_SHORT).show();
}
}else{
Toast.makeText(ExumaActivity.this,"Enter a messand and a phone number",Toast.LENGTH_SHORT).show();
}
}
});
}
private boolean checkPermission(String permission){
int checkPermission=ContextCompat.checkSelfPermission(this,permission);
return checkPermission==PackageManager.PERMISSION_GRANTED;
}
Fragment requestingFragment;
@Override
public void onRequestPermissionsResult(int requestCode, String[] permission, int[] grantResults) {
super.onRequestPermissionsResult(requestCode, permission, grantResults);
if(requestingFragment!=null)
requestingFragment.onRequestPermissionsResult(requestCode, permission, grantResults);
switch(requestCode){
case SEND_SMS_PERMISSION_REQUEST_CODE:
if(grantResults.length>0 && grantResults[0]==PackageManager.PERMISSION_GRANTED){
sendMessage.setEnabled(true);
}
break;
}
}
}
Then in strings.xml:
<string name="my_html"><![CDATA[<a href="http://google.com/">Go to google!</a>]]></string>
modified 1-May-18 17:09pm.
|
|
|
|
|
AlexanderBlade wrote: textView.setMovementMethod(LinkMovementMethod.getInstance()); Have you tried preceding this with:
textView.setText(Html.fromHtml(msg));
"One man's wage rise is another man's price increase." - Harold Wilson
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
"You can easily judge the character of a man by how he treats those who can do nothing for him." - James D. Miles
|
|
|
|
|
Thanks for getting back to me... yes I've tried Html.fromHtml(msg). My goal is to format it so that the recipient gets the hyperlink without showing the url. I'm able to hide the url but the "Click Me" in Click Me just shows up as plain text not a clickable hyperlink.
You did give me an idea though. It's hasn't worked yet but I'm trying to get the text from textView and get the text from string resource, append the resource string to the textView string, set the textView with the new combination, then finally use something like "result.setMovementMethod(LinkMovementMethod.getInstance())". Still not a solution. The "Click Me" is still plain text.
|
|
|
|
|
AlexanderBlade wrote: My goal is to format it so that the recipient gets the hyperlink without showing the url. Like this?
"One man's wage rise is another man's price increase." - Harold Wilson
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
"You can easily judge the character of a man by how he treats those who can do nothing for him." - James D. Miles
|
|
|
|
|
How can i listen to keyboard events in android mobile application. Like, when keypad is popped up my app has to know that the keyboard is visible to user and if user types android i have to capture that text.
|
|
|
|
|
When the keyboard is opened by your application or for any application?
For the latter case you would not get an answer here because that would be a sniffing operation.
|
|
|
|
|
I'm trying to get the coordinates of X and Y of the pattern lock component. The code that i'm using to create the Pattern Lock component is from aritraroy/PatternLockView which can be found on Github. Firstly, i set the root view on a view variable like this:
view=getWindow().getDecorView().getRootView();
and then setting the listener
view.setOnTouchListener(new View.OnTouchListener() {
}
Finally i create the the PatterLockViewListener:
final PatternLockViewListener mPatternLockViewListener = new PatternLockViewListener() {
}
What i want is by clicking the PatternLock component to get the coordinates(X,Y) in correlation to the root view. Instead i get the coordinates in all other components except from the PatternLock (by clicking the PatternLock component the OnTouchListener doesnt trigger and as a result, the code is not working/running)
|
|
|
|
|
Have you tried something like:
PatternLockView mPatternLockView = (PatternLockView) findViewById(R.id.pattern_lock_view);
mPatternLockView.addPatternLockListener(mPatternLockViewListener);
...
private PatternLockViewListener mPatternLockViewListener = new PatternLockViewListener()
{
...
};
"One man's wage rise is another man's price increase." - Harold Wilson
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
"You can easily judge the character of a man by how he treats those who can do nothing for him." - James D. Miles
|
|
|
|
|
yes i did, but with this listener i cant get the coordinates only the progression of the pattern.
|
|
|
|
|
I'm guessing the control itself is concerned with coordinates and such, whereas users of the control are more interested in whether it succeeded or not.
"One man's wage rise is another man's price increase." - Harold Wilson
"Fireproof doesn't mean the fire will never come. It means when the fire comes that you will be able to withstand it." - Michael Simmons
"You can easily judge the character of a man by how he treats those who can do nothing for him." - James D. Miles
|
|
|
|
|
i want to know sms appapplicaton source code
|
|
|
|
|
Then ask the person who wrote it to show it to you.
Or were you expecting someone here to write a complete application for you to present as your own work?
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
I want source code for audio data fetch using JSON URL from live website in android, can anyone have ?
|
|
|
|
|
This site does not provide code to order. You can search Google for sample code.
|
|
|
|