Solved

MySQL database data submission

Posted on 2016-10-30
7
39 Views
Last Modified: 2016-11-09
Hello Experts,

The question title seems confusing but no worries, it's a very simple question, I have a website with SSL to encrypt the data flowing over the web, I would like to add a functionality where a user submit his contact information and we get it in the database, in addition we want this data to be submitted to another server database as well. (sending the same data twice, first time to our original server and second time to our backup server)

We want to do that in securely manner to avoid any hacking while sending the information and the very important thing is, we want this to be transparent without exposing this while a user is digging into the source code or using other sniffing software.

Thank you
0
Comment
Question by:thebest8
7 Comments
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 41865940
The usual design for something like this is to have an API on the backup server.  Your primary server will receive the user's contact information, and use a POST-method request over SSL to send the information to the API.  The API will enjoy the same protection that the original submission has.

Sometimes a check-digit or md5() string is used in these re-POST-requests to ensure that the data is intact after it is received by the API.
0
 

Author Comment

by:thebest8
ID: 41865941
Thanks Ray for your input, Ok, to be honest I have no idea about APIs, also there must be a script or just the code to be added to the original server to re-send the info back to the other server?
0
 
LVL 108

Accepted Solution

by:
Ray Paseur earned 500 total points
ID: 41865960
This expert suggested creating a Gigs project.
This might be worth putting the question into E-E Gigs.  It's not hard to do, but it's time-consuming to write and test the code, and it requires hands-on access to your servers and databases.

Here are some references that can help you understand the protocols and the general design pattern that most RESTful APIs follow.  At first it's a lot to take in, but once you understand the HTTP protocol, the other parts will come quickly.
https://www.experts-exchange.com/articles/11271/Understanding-Client-Server-Protocols-and-Web-Applications.html
https://www.experts-exchange.com/articles/12239/Introduction-to-Application-Programming-Interfaces.html
https://www.experts-exchange.com/articles/22519/Understanding-JSON-in-PHP-and-JavaScript-Applications.html
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:thebest8
ID: 41865966
Thanks alot I will go ahead and read the articles from the links you provided, by the way i'm planning to do tests on a localhost server like xampp ... you think there will be any limitation?
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 41865974
Yes, I think it might be confusing to test this on localhost.  Since the deployment servers will be in two different physical locations, and will have two different URL addresses, I would want to test the application over the internet, using the servers and URLs that you will eventually use for deployment.
0
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 41866118
I never use 'localhost' as an address for my web servers here.  I have 14 of them including XAMPP, WAMP, Apache, and IIS.  I use either the machine IP address or the machine hostname.  While 'localhost' can be used to connect to a database server that is on the same machine, most of the hosting companies I deal put the database servers on a separate machine so 'localhost' can't be used for that either.

The only purpose of 'localhost' is to restrict access to the server that the web server is on and prevent access from other computers.  Obviously (I think), there are no web sites on the internet that operate from 'localhost' because they would not be accessible by anyone else.

There are other problems with 'localhost'.  Chrome won't set cookies on 'localhost' because they do not consider it a 'unique' address.  'localhost' also bypasses the network functions so anything that depends on the way the network acts may work differently when you use 'localhost'.
1
 
LVL 76

Expert Comment

by:arnold
ID: 41866267
What is the relationship between the ain and backup server?
Is MySQL replication a consideration?

The issue often is that your data entry web interface might not have access to the backup server.
Another option as Ray pointed out in a way, is to have a process on the backup server that queries data from the main server adding, updating records as appropriate........
1

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
"In order to have an organized way for empathy mapping, we rely on a psychological model and trying to model it in a simple way, so we will split the board to three section for each persona and a scenario and try to see what those personas would Do,…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now