Hello everyone, I was directed here from the Servlet forum.
I have a calendar applet hosted on a cheap server. I'm using jdbc:mysql to connect and populate the calendar, user names and years. So right now it works, but i have two problems with it.
1. The database connection info is inside the jar IE "con = DriverManager.getConnection("jdbc:mysql://" + localhost:3306/test, root, 1);" is that an issue? I've been told both yes and no.
2. Because i'm using jdbc i need a vpn, which is a bit more expensive for such a simple website. is there any other way besides the following?
3. My other option was to use php to access the database and send xml back to the java applet. can a php file handle multiple users doing this multiple times well? or will I actually need a servlet if i go this route.
I had it set up but it only worked once then I got an error but that may be for another thread.
For question 1, I'd say, yes, that's an issue. You are showing clients how to access your database ... at least clients sophisticated enough to decompile or simply extract strings from your Java byte code, which isn't very hard. Also, by using "localhost" in the connection string, you are forcing the client to be on the same machine as your database. That's probably not what you intended.
I feel like you could accomplish what you want by running a simple server, like Tomcat, and reimplementing your applet as a JSP and servlet web application. Does it really have to be an applet?
Joined: Nov 03, 2013
It doesn't have to be an applet I don't think, honestly I'm very new so I didn't know there was another easy alternative for web based use. When the applet was running on the actual server, it wasn't localhost that's just what i'm using for testing now. I was using the same connection info that the webpage login works off of and i got a connection error. I talked to my host and they told me I needed VPN, how accurate that is i don't really know.
I'd have to convert it all over to jsp so if thats my best bet i'l look into it. its only 3 classes. applet, gui and dbconnect.
Currently i'm using xamp to test things off of. does tomcat act as a servlet?
Tomcat is a servlet container - so it can act as a host to servlets you write.
Greg's spot on that you should not embed DB access info in applets. In fact, you shouldn't use JDBC from within applets at all for security reasons.
My other option was to use php to access the database and send xml back to the java applet. can a php file handle multiple users doing this multiple times well? or will I actually need a servlet if i go this route.
In terms of concurrency there's no difference between servlets or PHP - they're fundamentally the same thing using different languages.
haha good point i'm getting ahead of myself. sorry.
last thing i can think of before i'm set to go. how is it best to make sure someone doesn't do... insert.php?user=blah assuming user is a field the php is getting? I only want the calendar to be able to interact with it.
Again thank you, I've been at this from scratch for under a month so there is still tons i don't even begin to understand.
Joined: Mar 22, 2005
how is it best to make sure someone doesn't do... insert.php?user=blah assuming user is a field the php is getting?
But the calendar web pages would have the ability to do this? Then you need some form of authentication (and also authorization, since presumably not every authenticated user would have the ability to create new users). Check out Basic Authentication, which is probably about the easiest way to get started.