I was wondering if there any security issues with accessing a remote database via this method, it works fine when I test it.
I have purchased a JSON plugin from Marketplace that I use to access a PHP page from blueprint where I pass to the PHP web page parameters in the URL for the type of SQL query to perform e,g. http://www.mypage.com/getdata.php?type=getSeason?parm1=abc&parm2=123. I then have a blueprint node that gets the response and loads it into an array to process.
I thought as PHP has the database username and passwords it should be secure? I don’t do updates, only selects on the tables.
Direct communication is never secure. The client can always read traffic and redirect requests to custom web server (and also read all responses).
It may be a solution for a client to connect to a dedicated server and all requests are going there (the server communicates with the web server and returns the client information).
Of course, you can use your own security system, tokens, encrypted traffic for direct communication, but not quite secured.
It sounds to me like your PHP page is the only thing that has access to your data and you are using it as an API? - sounds about right to me and doesn’t sound like you are accessing data directly from your game client - I’d make sure that there’s no way to hack your URL to write anything or that it’s easy to figure out what’s what