8

I see many people trying to connect an Android device directly in a database like SQL Server or MySql and the answers are always the same: Use a web service. Why not connect directly an Android device with a database? I'm using a local network with my Android application.

PearsonArtPhoto
  • 37,474
  • 17
  • 109
  • 139
Luiz Fernando Moratelli
  • 351
  • 3
  • 16

4 Answers4

14

There are a number of reasons.

  1. Security- If the user has direct access, they can get anything from your database. Plus they will have a password into your database. As a result, if the SQL server you are using has a flaw, then they can exploit it. Also, if your permissions are set up wrong, the could wipe your database.
  2. Speed- If the users frequently use large queries, then it can bog down your system quickly and needlessly. If you go through a web interface, you can throttle it.
  3. Accessibility- Web queries are supported by almost everything. It requires special clients to access SQL databases directly.

But if you trust your users completely, have the right libraries/drivers, then you could allow direct querying, and it might even be a bit quicker.

PearsonArtPhoto
  • 37,474
  • 17
  • 109
  • 139
  • 2
    Also increase memory size in phohe , is we saved database in mobile – Nirav Ranpara Nov 20 '12 at 11:07
  • The real question for me is: Isn't it same with the, for example a C# application running on Windows. It's better to use web services, instead of using direct connections because of absolutely same reasons. But it shouldn't be, there must be some difference. As a software developer which is using direct connection, either I'm doing it wrong or there is a difference which I didn't notice yet. – ErTR Mar 18 '16 at 23:38
4

If your app connects directly to the database server you have to hardcode username / password which is very insecure. With some tools an attacker can decompile your apk and can access username / password in this way and can connect to your database with read (+write) access without using your app.

Terel
  • 3,787
  • 1
  • 24
  • 28
0

The reason is the connection

You're not sure how many time you'll have to maintain this connection, if it's stable and if you're not going to lost it

Secondly, web-service are optimized to retrieve an information and serve it beautifully with standarts. You can also cache the informations to spare your DB

Plumillon Forge
  • 1,594
  • 1
  • 15
  • 31
0

Another reason not to access database directly

Problem If you changed database architecture. you have two solutions.

1- in direct access you will need to update every Client app
2- using service you only need to upgrading the service.