I’m making a company pricelist app for the iPhone.
Most of my application is finished, except for the “security” part.
I use PHP to extract from the SQL database, and encode it as JSON. All this is fine, except….
I would like to protect my pricelist data from others not accessing the URL request from a browser. I’m not a great web / php programmer and I’m not sure how to implement this on the serverside.
For now I have just made a user/password in the URLRequest like
www.hopepage.com/searchDB?User=Jack&Pass=Jones&Comp=iPhone%
In the PHP I have then made something like
IF user and pass in user database then Select * from components where comp like &Comp
However, this request shows my login in the URL string, an what is somebody sniffs this string ? I guess this is fairly easily possible ?
I have read a bit about SSL and HTTPS, but I’m not sure how to implement it on the serverside.
Anybody knows about good documentation, or can lead me in the right direction ? Maybe a tutorial hidden somewhere on the net (I have searched, but maybe not used the correct words). Anybody
