Connect to MySQL?

Hi! Is it possible to connect an iOS app to MySQL? For example using an external library? For now it seems that only local SQLiteDBs are supported…

I too am thinking of how to do this as easy as possible.
A php script on a remote server to talk to that in turn accesses the database maybe. Could be tricky though.

Yeah, I also thought about a script. Basically not so hard to code. But the security aspect (e.g. injection) could be the trickiest part.

Yepp. SSL would probably be good to use.
Some kind of “one time key” that is generated, sent and validated prior to db reads/writes in the script or something?

If you plan to develop something like that - let me know :wink: I’m not good enough in PHP to develop a stable solution.

It's not too hard, I am working on one at the moment. You just pass query strings in the URL to your PHP script and then just generate prepared statements on the server, and I then return the recordset as XML. Use a SecureSocket from your Xojo app to request the URL, and then the response is your XML, which you just parse as required. You could do some input validation within your app to filter out unwanted or possible injection, but do the same at the server and use prepared statements, and also use HTTPSecureSocket.

I am only carrying out selects at the moment, so I have fairly short URLs to get my data back. It would probably be advisable to use the POST method to your PHP script and send your requests as form data, especially if doing INSERTS/UPDATES etc.

I can't really post demo code of my PHP script because I am using URL rewriting on my server and have an MVC setup, so it would be a bit of a handful to explain.

Thanks Mike, good info.
I’m gonna need remote db access sooner or later so I’ll give it a go as soon as I have the time.
In the meantime, if someone else does something sharable… :wink:

To add more security you could require logon prior to allowing anyone to access data, but that's a whole other story. Very similar method, but you would need users to be registered in advance and have a hash of their password in your DB. I say whole other story because user authentication is a subject matter on its own altogether, but the sending and receiving of data is the same as I describe above, although you definitely want SecureSocket when sending passwords over HTTP.

But basically it is all the same as accessing a website which gets data from a database, your app is the same as the browser accessing the webpage and you need to afford the same security you would from a browser.

PS: Never allow your app direct access to the remote database, you must always access through a script.

Instead of sending a password hash maybe my thought of generating a “one time key” in the iOS app that is validated by the script prior to any db work.
Could that be something to consider?

This discussion got me interested. I’ve got my afternoon set :wink:
If I don’t have to go Christmas shopping…

Mike, how do you send the SQL statements? There are no Base64 or EncodeURL in iOS is there?

[quote=150253:@Albin Kiland]I too am thinking of how to do this as easy as possible.
A php script on a remote server to talk to that in turn accesses the database maybe. Could be tricky though.[/quote]

Or perhaps a Xojo web app. You can write APIs quite easily with it using HandleSpecialURL.

Of course. That would probably be easier :wink:
Xojo Web Apps require some more from the server though. Most web servers handle PHP by default without doing any tinkering.

You don’t. Say you have a table called tblProducts, then you could have a script called products.php and within that you then read the POST or GET variables to determine what the query is.

For instance the url www.example.com/products.php?cat=3

Then within your php script you would have:

[code]// Deliberately basic: the value is concatenated straight into the SQL (injectable).
if (isset($_GET['cat']))
{
    $sql = "SELECT * FROM tblProducts WHERE catID = " . $_GET['cat'];

    // then run your query on your database
}[/code]

*** NOTE: The above is a really basic example and does not take into account ANY security issues such as SQL injection. Always use prepared statements
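The same `products.php?cat=3` lookup written with a prepared statement and returning XML, as an added example that is not part of the thread or any poster's script. It assumes PDO with the MySQL driver, hypothetical `id` and `name` columns on `tblProducts`, and connection settings in hypothetical `DB_HOST`, `DB_NAME`, `DB_USER` and `DB_PASS` environment variables.

```php
<?php
// Added example, not the poster's code. Column names and the DB_* environment
// variables are assumptions made for illustration.

function fetchProductsByCategory(PDO $pdo, int $catId): array
{
    // The SQL text is fixed; the value is sent separately as a bound parameter.
    $stmt = $pdo->prepare('SELECT id, name, catID FROM tblProducts WHERE catID = :cat');
    $stmt->bindValue(':cat', $catId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

function rowsToXml(array $rows): string
{
    $w = new XMLWriter();
    $w->openMemory();
    $w->startDocument('1.0', 'UTF-8');
    $w->startElement('products');
    foreach ($rows as $row) {
        $w->startElement('product');
        foreach ($row as $col => $value) {
            $w->writeElement($col, (string) $value); // XMLWriter escapes <, > and &
        }
        $w->endElement();
    }
    $w->endElement();
    $w->endDocument();
    return $w->outputMemory();
}

// Server-side validation: null when "cat" is absent, false when it is not a positive integer.
$cat = filter_input(INPUT_GET, 'cat', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
if ($cat === null || $cat === false) {
    http_response_code(400);
    exit('Bad request');
}

$pdo = new PDO(
    'mysql:host=' . getenv('DB_HOST') . ';dbname=' . getenv('DB_NAME') . ';charset=utf8mb4',
    getenv('DB_USER') ?: null,
    getenv('DB_PASS') ?: null,
    [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
     PDO::ATTR_EMULATE_PREPARES => false] // real server-side prepared statements
);

header('Content-Type: application/xml; charset=utf-8');
echo rowsToXml(fetchProductsByCategory($pdo, $cat));
```

A request such as `products.php?cat=3 OR 1=1` fails the integer check and gets a 400 before any database work; for form posts, `INPUT_GET` becomes `INPUT_POST`.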

[quote=150289:@Mike Charlesworth]You don’t. Say you have a table called tblProducts, then you could have a script called products.php and within that you then read the POST or GET variables to determine what the query is.

For instance the url www.example.com/products.php?cat=3

Then within your php script you would have:

[code]// Deliberately basic: the value is concatenated straight into the SQL (injectable).
if (isset($_GET['cat']))
{
    $sql = "SELECT * FROM tblProducts WHERE catID = " . $_GET['cat'];

    // then run your query on your database
}[/code]

*** NOTE: The above is a really basic example and does not take into account ANY security issues such as SQL injection. Always use prepared statements
[/quote]

Also note if you are posting form data just replace $_GET with $_POST

I was also thinking about writing an API rather than a Query-Transferer.

If you transfer the whole SQL-string, you tell a lot about the DB-architecture.

If you transfer some variables and their values, the most work will be done by the script. But! It’s more complex than just executing the given queries.

I would be happy if there were a ready solution that anyone can access. I also would pay for it.

Lars, The example I give above is not query transfer. The query is constructed by your PHP script server side. You are merely passing values to the script with POST or GET variables just as you would when you log on to your bank or any other secure online service.

I know :wink: My post was a confirmation to your method, only a bit more extensively

I see that now I have re-read it. But you are right, query transfer would be very dangerous: not only would it tell you a lot about the database if intercepted, but it would be very hard to do, especially for prepared statements.

Maybe this would be a viable approach.

ArrestDB

[quote=157499:@Richard Berglund]Maybe this would be a viable approach.

ArrestDB[/quote]
That looks like something! I’ll take a look!
Thank you :slight_smile: