Android + MySQL using com.mysql.jdbc.Driver

krishnaveni · February 9th, 2012, 07:36 AM

i tried mysql connection through jdbc in android....here i added dis code in myapplication.java file.

Code:

// interact with <em>MySQL</em>!!!
 private View.OnClickListener onSendRequest = new View.OnClickListener() {
  @Override
  public void onClick(View v) {
   EditText username = (EditText) findViewById(R.id.Huusername);
      //    String un = " " + username.getText().toString() + " ";

      System.out.println("<em>MySQL</em> Connect Example.");
      Connection conn = null;
      String url = "jdbc:<em>mysql</em>://localhost:3306/";
      String dbName = "database";
      String driver = "com.<em>mysql</em>.jdbc.Driver";
      String userName = "root"; 
      String password = "";
      try {
        Class.forName(driver).newInstance();
        conn = DriverManager.getConnection(url+dbName,userName,password);
        Toast.makeText(getBaseContext(),
      "Connected to the database.", Toast.LENGTH_LONG)
      .show();
        conn.close();
        Toast.makeText(getBaseContext(),
      "Disconnected form the database.", Toast.LENGTH_LONG)
      .show();
      } catch (<em>Exception</em> e) {
       Toast.makeText(getBaseContext(),
      "<em>Exception</em> e.", Toast.LENGTH_LONG)
      .show();
        e.printStackTrace();
      }


  }
 };

...Here i got dis error in my console part:
Dxwarning: Ignoring InnerClasses attribute for an anonymous inner class
(com.<em>mysql</em>.jdbc.interceptors.ResultSetScannerInterceptor$ 1) that doesn't come with an
associated EnclosingMethod attribute. This class was probably produced by a
compiler that did not target the modern .class file format. The recommended
solution is to recompile the class from source, using an up-to-date compiler
and without specifying any "-target" type options. The consequence of ignoring
this warning is that reflective operations on this class will incorrectly
indicate that it is *not* an inner class.
------------------------------------------------------------------------
Then my logcat also having one error:
dexopt cannot open '/data/dalvik-cache/data@app@com.login.register-2.apk@classes.dex' for output...
how is cleared both error.plz help me.

jiminaus · February 9th, 2012, 01:57 PM

You could try getting the source to Connector/J and recompiling it.

But I would you suggest you stop what you're doing. What you're proposing to do is to send SQL queries directly from an Android device over the Internet to a MySQL server. This is against the rules we learn in Internet Application Security 101.

If you expose a database server to the Internet, you're not just exposing the database to your application, you're exposing it to everyone on the Internet. Don't be fooled into thinking password protection is going to help you.

What you want to do is to setup a web server as a middle-man, perhaps using something like PHP. Your android application sends high-level requests over HTTP to your web server, not SQL queries. Your web server then queries the database on the android application's behalf so that the database server can now be safely behind a firewall. Your web server then formats the results into a form your android application can easily digest, such as JSON, and sends it back as a response to the initial HTTP query.

Let me reiterate that any application should never be able to send SQL queries to your database over the Internet, even via a web server. I've seen how-to blog posts on the Internet were a PHP script simply takes an SQL query over the Internet and forwards it to the database server. This is a wrong and lazy approach; not much better than just exposing the database directly.

If you do it right, you'll end up with a whole data-access layer sitting on your web server. This extra effort doesn't go unrewarded. Not only does is minimise the attack vector on your database, it also decouples your android application from your database. This lets you freely change the database without affecting the android application, all you need to do is update the web server.

Look into the concept of the SQL injection. If you don't validate all parameters coming in from the Internet, then you undo all your hard work from a security point-of-view.

If this is sounding hard and/or scary, it should. Think about all the high-profile databases that have been hacked recently. And they're just the one's that have been detected and publicised. These many more that are detected and very private. I fear there's many more still that are never even detected as having been hacked.

krishnaveni · February 10th, 2012, 05:01 AM

already i done dis tutorials....New tutorials | Hello Android i done mysql database connection using php and json webservices...now i need mysql database connection using jdbc..so now i wrote the code here.

Quote:

package com.example.login;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;
import android.app.Activity;
import android.os.Bundle;
import android.util.Log;
import android.view.View;
import android.widget.Button;
import android.widget.EditText;
import android.widget.TextView;

public class LoginLayoutActivity extends Activity {

EditText un,pw;
TextView error;
Button ok;

private static final String url = "jdbc:mysql://localhost/xcart";
private static final String user = "root";
private static final String password = "";
/** Called when the activity is first created. */
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.main);

un=(EditText)findViewById(R.id.et_un);
pw=(EditText)findViewById(R.id.et_pw);
ok=(Button)findViewById(R.id.btn_login);
error=(TextView)findViewById(R.id.tv_error);

ok.setOnClickListener(new View.OnClickListener() {

@Override
public void onClick(View v) {
// TODO Auto-generated method stub

try {

Class.forName("com.mysql.jdbc.Driver");
Connection con = DriverManager.getConnection(url, user, password);

Statement st = con.createStatement();
ResultSet rs = st.executeQuery("select firstname,lastname from xcart_customers");
while(rs.next()) {
Log.i("log_tag",
"firstname: "+rs.getString("firstname")+
"lastname: "+rs.getString("lastname")
);
}

} catch (Exception e) {
e.printStackTrace();
}
}
});
}
}

...now my logcat having one error...the error is:
Could not find class 'javax.naming.StringRefAddr', referenced from method com.mysql.jdbc.ConnectionPropertiesImpl$Connection Property.storeTo...i don't know how is cleared...so please give me some solutions.

SHAKTHI RAJU · March 7th, 2012, 10:28 AM

hi i have created app and connect to mysql database now i installed the app in my mobile phone now how to coonect with the databse which is in system

Football Fans: Download the 2012 Schedule App from Google Play!