MySQL DB is hackable?

Harsh_Rajput · May 6, 2020, 3:48pm

This is my login screen blocks

Harsh_Rajput · May 6, 2020, 3:51pm

Referral Points and Joining of users. Basically they are increasing their points and referrals.

Harsh_Rajput · May 6, 2020, 4:20pm

@Rogerio_Rios How to fix SQL INJECTION? I am little bit understood about SQL Injection? Now How am i fix this

Taifun · May 6, 2020, 4:24pm

I wrote something about that in chapter “PHP Script” here App Inventor Tutorials and Examples: MySQL | Pura Vida Apps
Taifun

Harsh_Rajput · May 6, 2020, 4:31pm

Thanks @Taifun
But how to prevent in kodular?

Rogerio_Rios · May 6, 2020, 1:59pm

Sorry, I posted on the wrong topic. @Kodular
The right topic is this:

It’s not the Mysql bank.
If your code is not done well they invade. One way is SQL INJECTION (ORACLE, MYSQL, POSTGREE …)

Rogerio_Rios · May 6, 2020, 4:36pm

Friend, the examples of links explain how it happens and what we should and should not do.

https://www.w3schools.com/sql/sql_injection.asp

Harsh_Rajput · May 6, 2020, 6:41pm

@Rogerio_Rios I am still not find any solution. Now what should do I for protection.

ShaikhSajidAli · May 6, 2020, 10:51pm

I already mentioned

Harsh_Rajput · May 7, 2020, 5:33am

I found the problem.
SQL INJECTION is not a problem.
The problem is they are capturing our Http data by using HttpCanary App.
They get every query and all data from the database.

Now How to prevent from this?
Please Help Me

George_Loungos · May 7, 2020, 5:42am

Please don’t tag people to get attention.

Harsh_Rajput · May 7, 2020, 5:43am

I am not get any attention.
I am just want to solution

George_Loungos · May 7, 2020, 5:55am

By tagging people you send a notification to them. Imagine everybody to tag the same users if they have a problem. By tagging kodular you notify 9 people at once. They already see your topic. If they want to answer they will, no need to tag them.

Harsh_Rajput · May 7, 2020, 5:56am

Ok I am apologize.

George_Loungos · May 7, 2020, 6:19am

I try to capture packets in my app with this program but when i run it my app returns connection failed and it doesn’t return anything. If i close the program then my app works again and receive data. Did you do something diffirent?

Harsh_Rajput · May 7, 2020, 6:26am

Is it your phone rooted?
If not you have to install parallel space from http canary app.
Go to settings in side menu and download from this app.
You have to use parallel space and add parallel space in this app and then u able to capture packets.

George_Loungos · May 7, 2020, 7:05am

I install parallel space 64bit and my app returns me an error message that i setup if the response Code isn’t 200 but still not getting any data in HttpCanary.

ShaikhSajidAli · May 7, 2020, 7:27am

HttpCanary is rest api debugger app same as postman for web.
You url is exposed somewhere so anyone can post data via this

juananton1991 · May 7, 2020, 8:19am

Hi @ShaikhSajidAli,

this is an interesting discussion.

I do not know if it would work better to put the MySQL codes in php files on your hosting, as I indicate on this website:

and also encrypt the data, for example with this extension:

Harsh_Rajput · May 7, 2020, 9:28am

Hi @ShaikhSajidAli
So i had just read lots of documentation about this.
I didn’t get any clue . So how to protect url.