I am developing mobile app using jQuery mobile and phonegap. In that I have developed user login functionality and maintained loged in user id in localstorage, So I can relate user activities.
My application is working correctly, But I am worried about external modifications in localstorage. Can it be possible to modify localstorage values outside application.
Code In app :
localStorage.setItem("userid", 60);
Can user modify it manually Or it is safe to use?
If it is any kind of secured data, then it is safe to use Shared Preference in android.
SharedPreferences settings = PreferenceManager.getDefaultSharedPreferences(getApplicationContext());
SharedPreferences.Editor editor = settings.edit();
editor.putString("KEY","VALUE");
editor.commit();
You can access it by plugin.
Similar question is asked here go through it -
How to store a json data securely in phonegap android?
The localStorage saves it's key/value pairs per domain (Same-origin-policy). Since a phonegap app will get its own "domain" you do not need to be worried about other apps modifying your variables.
Also see this question right here: In HTML5, is the localStorage object isolated per page/domain?
Nevertheless, I would recommend to not save any sensible data on the client side, it would be better to do this on the server.
Related
I'd like to create a web app where the user is able to create a session, with the session being accessible even after leaving the page/browser.
An example would be http://lichess.org where the user goes to 'Create a game' and a page is created. That page then remains accessible even after the session is finished; see: http://en.lichess.org/i8pV0vEv
Essentially what I'd like to know is, what would be needed in order to create a similar effect. I've programmed tonnes over the years, just web environments are new to me! Scala seems like a contender, but in all honesty I have no clue. Perhaps javascript?
Any advice would be appreciated, thanks.
If you want to store user session data permanently irrespective of whether user is on the website or not you may use browser storage facility of HTML 5.
where you can store data on user's browser in form of key value pair and the data will be there permanently(based on type of browser storage you are using) and you can easily manipulate data using javascript.
There are mainly two types of browser storage.
Local Storage: will be there permanently and can be accessed anytime you want.
Session Storage: will be there till the page is open and cleared when user close the browser window.
For your requirement my recommendation is to go for Local Storage
Advantages of Using Local Storage
Can be manipulated easily using JavaScript.
Will be permanent.
No server-side scripting hence, fast to load and manage.
Disadvantages of using local storage
won't work in browser not supporting HTML5(supported in IE 8,chrome 4,Mozilla 3.5,safari 4,opera 11.5 and above)
User will be able to manipulate/delete the value(The browser storage value can be manipulated using resource option of Browser developer tool)
Wont be permanent if user is visiting in In-cognito/in-private mode.(but will be stored during the session.)
Data limit of at least 5MB
Data will be deleted when user clears browser history.
for further reference checkout w3schoold
http://www.w3schools.com/html/html5_webstorage.asp
Web programming is generally session-less and you need a cookie to simulate a session. You save this in your client's browser and in a database to be able to tie them together. Or you can use the browser-session which in the end is also a cookie, but does not scale very well as it's saved in the internal mechanisms of the web-server.
There's nothing Scala specific here, but if you would like to give Scala a try, have a look at Play framework. It's pretty beginner friendly and already has built in support for everything you would need like Sessions, Cookies and Database access.
I am building a hybrid app (Ionic) and only need local storage to save my database objects.
The app simply allows you to store, edit and view simple Notes.
Now, obviously I need to make sure that when the user saves a note, it remains stored on his phone.
My question is, are there any dangers of using window.localstorage in this context? Moreover, in which cases will the user loose all its data? One obvious case is when he deletes and re installs the app.
If local storage is not the way to go, what other ways are there (or does it always require a server side solution)?
Local storage is indeed an easy way to store data in a Cordova app.
As pointed out by JohnAndrews all the data can be lost if the user clean the application data.
On top of that LocalStorage present some limitations:
it very handy for key-value pairs but can be hard to store complex data
You cannot "query" your data
If you are using more than 1 webview on your mobile app you need your HTML5 content to came from the same domain, otherwise the LocalStorage data will not be shared across webviews.
If you want to have more info about data storage possibilities on Ionic (Cordova) apps check their official docs http://cordova.apache.org/docs/en/4.0.0/cordova_storage_storage.md.html
There are a few limits I found serious when using localStorage (in my case) including:
Storage limitation (~5MB) depend on browser (for more info here)
Only store string so you will end up convert into json (JSON.stringify) and query through json object
Once the mobile storage is full, it will force pure all the data inside storage
I end up looking for new candidate (sqlite seem promising but having some issue for iOS 10)
On the other hand, if your application store small amount of data or mostly do transaction with online database. localStorage seems pretty good
Easy to use, already available for most browser
Json work like NoSQL
I am trying to understand the features of the localStorage. Suppose, I am storing large json via localStorage. I want the stored data to be shown to the testing team. If I display the stored data in a HTML page and then send the link to the testing team then they will see null, as localstorage stores data locally. The data is too large to copy/paste in a .txtfile. Is there any way of displaying localStorage data, so that it can viewed by others remotely?
The clue is in the name - local storage is local.
There is a work around in that you use iframes and the postMessage API to access localStorage from an external domain.
Is it possible to use HTML5 local storage to share data between pages from different sites?
As Jack Zelig points out, localStorage is local. But it is not only local to the domain but also to the particular browser on the particular machine. You cannot share it between browsers nor between devices. There is no work-around for that. To show it to remote people, you MUST be storing it or sending it through a server to which both devices/browsers are connected, at which point localStorage is irrelevant.
Think of localStorage as a new, improved version of cookies.
I'm making a PhoneGap app that needs to store some user data. On the initial app startup, the user will be asked to type in a URL. Because the URL may potentially be long, I wish to save it on the user's device so the he doesn't need to re-enter the entire string every time he starts up the app.
Initially, I was planning on using LocalStorage for this. However, I've heard that LocalStorage doesn't save data very permanently. It would greatly hurt my app's usability if the user had to type in the URL more than once every month or so.
Should I use SQLite instead of LocalStorage for this purpose, or is LocalStorage reliable enough on most mobile devices for this kind of usage?
You should'nt use LocalStorage because it's no longer a persistant storage on IOS since 5.1 and also because Apple can reject your application.
You have several choices :
Using the File API
Using WebSQL (5 Mo max i think)
Installing the SQLite Plugin
For the last choice, you can also install Lawnchair (included) which provides an easy to use key value system on top of SQLite. You won't need to write any line of SQL to use SQLite.
I hope this question belongs here. I am developing a web application for a client. It involves creating appointments/quotes for tradesman and need some advice.
Basically there are products that can be added to a quote created on the webapp. I want to be able to select the quote on the mobile app from a smartphone a fill out the quote.
The problem I face is that because there might not always be internet connectivity I need to store quote data offline on the device so that it can be synchronised when there is internet.
Here is the process using the mobile app:
User gets appointments from web application and stores them (preferably in a database)
Even with no connection user can then fill out quote on the appointment.
User saves quote
Mobile app automatically sends new quote to web application (if connection)
When internet is available user manually synchronises data
The web application takes care of creating appointments and managing the products. The mobile device stores it's own copy of the products and simply just a reference to the quote.
So the user can see a list of appointments. Selects the appointment and then begins to add products.
appointments
appointment_id
description
products
id
description
quote
id
appointment_id
product_id
The web application has been developed in PHP.
I'd like to take advantage of HTML5's offline storage for the mobile app as I'm a web developer and don't have time on this project to learn a native language (i.e objective-C). I've read in a couple of places that web SQL database is not going to be continued so I'm not really sure what my options are.
Also for code in thinking HTML5 and JavaScript, so probably using jQTouch or jQuery Moble.
If anyone has any suggestions or recommendations for me that would be great!
I have a jQuery Mobile app which stores data off-line. Users push completed records up to a web service when connected (the app also uses the off-line capabilities in HTML5). This uses Web SQL (which is SQLite in WebKit and Opera) in Mobile Safari, and works well on the principal devices (iPad / iPhone) but is also fully functional in Chrome and Safari on the desktop (I haven't tried Opera, but obviously it wouldn't work in Firefox or IE).
A few considerations:
As you point out, Web SQL has a somewhat uncertain future. You might want to look at IndexedDB instead, although depending on the browsers you need to support Web SQL might just be fine.
Local database size is limited, but you should be OK if you "purge" data flagged as complete and submitted every so often (I think it's 5MB per db or thereabouts, so quite considerable).
My app talks to a SOAP web service via ajax, and we're all on the same domain. You may need to look at CORS / reverse proxies and such if domains are going to differ
I don't like fiddling with XML in Javascript, but XMLObjectifier makes that side of things easier (parses XML into JSON objects)
PhoneGap applications use HTML5 and CSS3 for their rendering, and JavaScript for their logic
What that mean is that you have two possibilities, whether your client's data in your application is meant to be modified without an application update or not. Since I cannot determine that from the information you gave in the question, I'm going to detail the answer for each case.
If your client's data does not need to be updated (without an update of your application)
In this case, you consider your client's data to be static. The provenance of this data is not relevant, as you will include it in your application data, like any other text or image (or other asset), before distributing your application. That means that the listings of your client will be tied with your application, and that modifying them will require to update your application.
Technically that means that you will simply add your client's data as a static file. It can be HTML5 code, right in the middle of your own application code, or it can be any kind of file (for instance Json), that your application will have to parse and display (using JavaScript).
However, if you go for the HTML5 solution, for maintainability purposes (and maybe other reasons), you will probably want to separate the content from your client from the content from your application. To do so, create an HTML5/CSS3 page which contains your client's data, and include it in your application's page(s) using that method (or you can use the pager.js library as mentioned in this answer).
As a side note: the next method will perform as well as this one in the present case; with the downside of being a bit more complex.
If your client's data needs to be updated without an update of your application
In this case, you consider your client's data to be dynamic. The provenance of the data is relevant, as only the method to fetch the data will be stored in your application: the rest will be done by the device which will execute your application. While more complicated to achieve, this method has the advantage of allowing a constant update of the data without requiring an update of your application.
Technically that means that you will describe your application layout and (graphical) design in HTML5/CSS3, and that you will code your application behavior (fetching your client data, storing it, querying it, displaying it, etc.) in JavaScript.
To do so, you will need to fetch your client's information using JavaScript (embedded in your application's HTML5 files) and then use JavaScript again to store these information in the PhoneGap Storage. Then, your application will also need to query the PhoneGap Storage (still using JavaScript) to access the stored information and to display it, according to the layout/design described in the HTML5/CSS3 files (probably the HTML5 skeleton in your application for your client data logical layout, with CSS3 ids and classes for its design/appearance).
It is worth noting that if you have an always-online device, as long as your client's website is up, you don't need to store the listing information in your application. But if your client's website goes down, or if the device goes offline, you will need a local storage.
Bottomline
In other words, if your application never requires an Internet connection to work, it is safe to include the listings within the HTML5/CSS3 data; otherwise, you will need to go for the JavaScript/PhoneGap Storage solution, even though it's more complex.