I'm new here. I am currently enrolled in a Data Analytics degree program. I looked through the past questions but I could not find an answer to my question.
Here is my question. Let's say you have a plain and simple HTML form on a webpage. Each field is connected to a certain column on the database, correct? Like your first name and last name.
What if someone wanted to store the username and password on it's own separate database on a completely different server. How does the software know to send those form fields to a completely different database? Does it work off of IP? I'm really confused as to how this is accomplished.
This is a very high-level summary of what happens but hopefully it makes sense.
When the user submits the form, the form data on the HTML page is sent to the web server through an HTTP request. The web application then processes this request and typically uses a connection string (which includes information about the database) to connect to the database and update the database appropriately. Each field in the form does not have to be directly associated with a field in the database. For example, the application may be coded so that multiple fields are concatenated into one database column. The connection string can use either hostname or IP address, but hostname is typically used as it is more human readable.
When one wants the application to send data to a different database, they can just modify the connection string. This is typically done during web app development when switching environments. For example, in the attached diagram, if I wanted to use the production database instead of the test database I could modify the connection string within the web application so that it is pointed to the production database by simply changing the hostname in the connection string.
Related
I'm quite new to React and after doing a Todo web app I've tried creating my first fullstack web app.
The app sends a request upon entering an Email and pressing a button that should send the users mail to a DB and get his IP which would also be stored into the same DB. This would later be used to check if the user had already done something on the site (After entering the email the client-s sent to the next page) and disallow the user to proceed if either the email or IP are already stored in the DB. What would be the best way to both grab the IP upon entering the email and what would be the best approach in regards of storing it into a DB? (Should I even store it there is there a better alternative).
I'm writing my code with Typescriptx and using Express for my backend & postgres for my DB.
TLDR: How to get the clients IP onClick / upon recieveing a request from them and store it in a database to later compare when the user sends the same request again
On the server side, you can get the IP address from the incoming request. That's the right way to do this (but see below: I think you probably don't want to do this).
In express, this is available via req.socket.remoteAddress. If you're behind some kind of reverse proxy like a CDN then this will give you the CDN's IP, not the real user, but all modern proxies will include the original IP in a request header such as X-Forwarded-For to work around this. You can get the IP from there instead, if that's present. You'll need to look at the docs for your specific infrastructure to check the header they use in this case.
That said, it sounds like you're trying to ensure each user can do exactly one thing, so that after sending an email nothing else is allowed. Is that right?
If that's the case, limiting it by IP address isn't a great solution. Two reasons:
Many users share an IP address, e.g. many many mobile users who are behind CGNAT, everybody sharing an office/home, etc etc
At the same time, many users have multiple IP addresses, e.g. offices that use multiple internet connections in parallel for failover or performance, or people taking their computer from their home to a cafe, etc etc.
In both cases, you'll end up blocking or allowing large numbers of users incorrectly. Typically this kind of thing is done with cookies/local storage on the client side instead, which lets you block this individual user's browser. That will work correctly in environments with shared IPs and environments with multiple IPs.
A client-side approach is not 100% secure, since a technical user could easily clear their cookies to avoid this. If you need a hard guarantee though then neither option would work (it's easy to change your IP too: go sit in the coffee shop outside, or use your phone as a hotspot). In that case, you need to tie the user to something they can't as easily change, maybe an email address, credit card, or even legal ID if you're seriously trying to lock this down hard.
I wouldn't bother: for most web app, client-side storage is usually the right choice.
I wanted to save all my data from firebase database into a local database in (JSON format only) for my application to access it when not connected to internet. It consists even images in it along with string form of data.
Firebase allots very less space for offline mode saving data into the application hence can't use it.
I want data to be first saved in my local database and then to be retrieved into the recyclerView of my application.
Moreover I want to save login details as well as other user specific details required to keep the application function without internet into particular user's login.
Searched for answers but no reliable or step by step guide I encountered.
Are these things possible? What should I do ? Please guide.
I have created an Access DB with a nice front-end, however the db is not split.
The DB is in a network location and it is shared between 5-8 users. Data loss occurs from time to time: some stored queries just disappear when sending their output via e-mail through a macro, for example.
I have read on several sites that to prevent this, I should split the db and make each user work on his/her frontend.
However, in the context I am it would be much better to have the users working on a single shared file.
The question is: If I split the database and make the users share the front-end file, would I be preventing data loss/corruption?
We now have one site running but we will need to build a branded site for our client soon. The client site will have exactly the same data set as our current site expect for the user data. The client site must have totally separated user info which allows only the client to use the site.
I don't see the need for setting up a new database or creating a new user table for the client. My tentative solution is add a "Company" column for the user table so that I can differ which site the user data row is on.
I do not know if this approach will work or not or if it is the best practice. Could anyone with experience like this shed some light on this question?
Thanks,
Nigong
P.S. I use LAMP with AWS.
Using an extra column to store a company / entity id is a common approach for multitenant system. In general you will want to abstract the part that that verifies you can only retrieve data you're allowed to a piece that all queries go through, like your ORM. This will prevent people new to the project from exposing/using data that shouldn't be exposed/used.
I want to connect Django to a database that the user will set in the main page.
The user will have to precise the engine (with a combobox), the database, login, password etc in a form, and I want to proceed the connection with the submit.
So far, I tried to set "DATABASES = {}" in settings.py, but it returns an error.
Have you got any clue about how to do it?
You have to connect your app to a database.
There is no way that I know of to change the database connection dynamically.
The only things I can think of are a bit convoluted:
If you want to change your back-end database:
I would suggest having a separate setting file for the database (I will call it dbsettings.py) that you will include in the settings file.
At the submit, you would lunch a script that will change the dbsettings.py file, and restart the django server (with a CLI call for example)
If the database is user specific, configure and fire up another django instance, and have the two instances communicate (you could use celery for messaging or django commands)
I (and other people) may come up with better solutions if we had a little more details