Link only available for my own app
Question
I upload some data to my server with my application. I send the data to a PHP file on the server and this PHP write the data in my database. This works fine.
But currently I have the link to this PHP unsave in my Android code.
Is there a possibility to save this link or make my PHP only for my app available?
2 answers
solution1
1 2013-08-22 07:58:34
Try to send some secret key as GET parameter to your PHP script.
You can set it on your app and then check it in your PHP script.
Something like this:
script.php?key=893284932890482304
And in your PHP script:
if ($_GET['key'] = '893284932890482304')
{
// do the rest
}
Another option is to set "User-Agent" in your app and then check this information in your PHP script. To be honest, I have no idea how to set "User-Agent" in Android app or iPhone app or whatever you have there, but there is probably some way to do so.
solution2
1 ACCPTED 2013-08-22 08:01:50
A static key could work but if the key is compromised by an app owner sniffing their own network traffic this protection will quickly break. A cryptographic system should be used instead, for example simple hashing of a secret salt with the time and date.
Both the client and the server should take the date and time to the minute in the same string format, concatenate it with a secret salt, and hash that. As long as the times are in synchrony, it should be fine.
You can also use a challenge-response system. The first request gets a challenge value, and all future requests include hash($challenge.$secretkey) which the server verifies.
More complex but worthwhile is OAuth.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.