StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
20461754
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
2
CommunityOwnedDate
CreationDate
2013-12-09T01:47:51.740
FavoriteCount
0
LastActivityDate
2013-12-09T01:47:51.740
LastEditDate
LastEditorUserId
0
OwnerUserId
1695906
ParentId
20445120
PostTypeId
2
Score
1
ViewCount
0
LastEditorDisplayName
text
Body
To me, it's unthinkable to give your "application" -- which I assume means an "app" deployed on people's devices or maybe some kind of a desktop application -- direct connectivity to your database, unless the thought of putting the key to your car in a paper envelope and sticking it to the window seems secure. The application should have an extremely small number of very specific things it can do to the database, and should be leaving a trail of exactly what it does and from where and on whose behalf. The app can make requests to a service, such as a <a href="http://en.wikipedia.org/wiki/Representational_state_transfer" rel="nofollow">REST API</a>, running on your application server -- the "web service" -- over https, and your application server would then mediate the requests and fetch values from, or send updates to, the database, as appropriate... only after the app has convinced the application server that it indeed represents the particular user that it claims to represent. It's a fundamental principle that anything you don't control, you can't trust. "Why it would make a difference" is the difference between "Ha! I hacked one user's password" and "Ha! I stole your database." The application server can authenticate any request as being legitimate for the particular end-user credentials presented... while the database is, in large measure, ill-prepared to do anything of the sort. The end-user (not the application) would authenticate to the application server, the application server would validate those credentials against the database, providing no hints as to why authentication failed... user not found, password incorrect, we don't know, we don't care -- sorry, login failed. Give us your e-mail address and we'll send you a support email, or if that's not an e-mail we have on file, we'll pretend that we did. Hints help hackers. <blockquote> store ... PayPal seller credentials </blockquote> Well, you'll want to be sure that's not among the things that are prohibited from "collect, capture, use, or store" in <a href="https://www.paypal.com/us/webapps/mpp/ua/xdeveloper-full" rel="nofollow">section 10.1.2 of the Paypal Developer Agreement</a>. So, how do you do this? That part of the answer takes us a little bit out of scope, because there are many options, the landscape shifts, and it's largely a matter of opinion as to the "best" way but I'd assume ASP or PHP would be the most straightforward. Think of it as building a database-enabled web site without the hassles of making it pretty, because nobody's going to see it except that back-end of your app... and there's your "web service". <blockquote> I've been assured that I have no idea what I'm doing </blockquote> That puts you way ahead of the terrifying number of people who don't realize that they don't know what they are doing. 
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POConnect to AWS MySQL database in C# securely
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. This table or related slice is empty.
UserOwnerUserId
1. USMichael - sqlbot
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTUpMod
CommentsPostId
1. COThis is infinitely helpful and literally gives me all the information I need to head in the right direction. I will work on scoring information on how to design an application server that interfaces with my desktop app and move all of my database logic to that. Thank you so much!
 singulars
 PostPostId
 PO
 UserUserId
 USJack M
2. CO+1 for clear explanation of the process.
 singulars
 PostPostId
 PO
 UserUserId
 USAdam Moszczyński

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.