C#/ C ++客户端-服务器应用程序
[英]C#/C++ Client-Server application
问题描述
I'm coding an application which will be given to many clients, in order to not allow them to direct access to my database I started developing a server application with C++ which receives the client requests, interact with the database and send the responses. 
我正在编写一个将提供给许多客户端的应用程序,以便不允许他们直接访问我的数据库,我开始使用C ++开发服务器应用程序,该应用程序接收客户端请求,与数据库进行交互并发送响应。 but this seems to be a little bit complicated, is it better to allow the client application to interact with the remote database ? 但这似乎有点复杂,允许客户端应用程序与远程数据库进行交互会更好吗? and is there any risks with this? 这有什么风险吗?
First solution : 第一个解决方案:
Second solution : 第二种解决方案:
3 个解决方案
解决方案1
1 2016-04-18 04:28:09
Typically you would abstract the database with an interface. 通常,您将使用接口对数据库进行抽象。 A classic would be odata, which visual studio can build as an asp web service from a wizard. 经典的是odata,Visual Studio可以通过向导将其创建为asp Web服务。 This is restful as Joakim recommended. 正如Joakim推荐的那样,这很安静。 https://en.wikipedia.org/wiki/Database_abstraction_layer https://en.wikipedia.org/wiki/Database_abstraction_layer
解决方案2
0 2016-04-18 05:03:44
There are various options like the one mentioned by 'tim' which can be done without using ODATA; 有多种选择,例如“ tim”所提到的选择,而无需使用ODATA即可完成。 that means creating a data layer (separate application) which will cater the requests from client and wont let them access the database directly. 这意味着创建一个数据层(单独的应用程序),该数据层将满足来自客户端的请求,并且不会让它们直接访问数据库。 However, before suggesting I would like to know how you are hosting the web application? 但是,在建议我之前,我想知道您如何托管Web应用程序? You can still achieve no-access by client by blocking remote access to the database. 您仍然可以通过阻止对数据库的远程访问来实现客户端的无访问权限。 The concerns depend on your code and structure; 关注点取决于您的代码和结构。 both approaches are valid! 两种方法都有效!
解决方案3
0 2016-04-18 05:11:08
if you have a C# client why not use a C# WCF server? 如果您有C#客户端,为什么不使用C#WCF服务器?
what you do in soultion 1 is usually the best practice. 您在灵魂1中所做的通常是最佳做法。 it allows you to: *later switch the database. 它允许您:*稍后切换数据库。 *hides from your client the database's structure. *从您的客户端隐藏数据库的结构。 meaning that if someone decompiles your client they wont know how to attack you. 意味着如果有人反编译您的客户,他们将不会知道如何攻击您。
but it is more complex and takes lots of extra work. 但它更加复杂,并且需要大量的额外工作。
if you don't fear someone will hack your database . 如果你不害怕有人会破坏你的数据库 。 and you KNOW the database structure will undergo only very minor changes EVER . 你知道数据库结构将永远只进行非常细微的变化。 you can skip this and talk strait to the database. 您可以跳过此步骤,并与数据库对话。
but you are probably wrong. 但是你可能错了。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.