How to password protect an SQLite Database ?
BlitzMax Forums/BlitzMax Programming/How to password protect an SQLite Database ?
| ||
| Hi guys, I have a sqlite database that I will distribute with my app. However, I don't want people to peek into the database. The application should access the database via code and use the password. I am using Brucey's excellent module (bah.DBSQLite). Could you please point me in the right direction? Thank you Marc |
| ||
| There appears to be some authentication stuff available for SQLite : http://www.sqlite.org/src/doc/trunk/ext/userauth/user-auth.txt I can have a look at implementing it if you like? |
| ||
| Hi Brucey, Thank you so much for your fast reply. I would be of course interested by a solution for this problem but I would not want to abuse your time. Is this lots of work for you could you provide a sample code? Would this work over my existing sqlite database? Here is my goal: I would like to store in the database a flag telling if the user has entered a valid activation code. If yes, the software should unlock all functionalities. This is why users can not be allowed to access the database. Please let me know what you think. By the way, I am already using your XML module in my app. you helped me tremandously already ;o) Marc |
| ||
| Hi Brucey, I managed to encrypt my existing SQLite database using the demo version of SQLiteManager: http://www.sqlabs.com I tried the following line of code from your module to access the database from Blitzmax. Local db:TDBConnection = LoadDatabase("SQLITE", "maxtest.db",null, null, "secret") "secret" being the password However my application now fails and provide the following error message. "DebugLog:(3) Error preparing statement : file is encrypted or is not a database (26) : " Any idea what I am doing wrong? I could share the encrypted database if that is helpful. Thank you for your help. Marc |
| ||
| Encryption is not the same as password protection. Database encryption is only available via paid-for third-party extensions. The one that the SQLite people support directly, costs $2000. On the other hand, password protection is a free extension that I will apply to the module. |
| ||
| Hi Brucey, Thank you so much for the clarification. I didn't understand the difference. Password protection is more than enough for my needs. Once done, I would like to compensate you for your work. I am thinking of an amazon gift card. Is the email address listed in your profile still valid? I would like to send you an email, if you don't mind? Thank you Best regards Marc |
| ||
| I've implemented user authentication support to the SQLite module. It's available from the github repository. There's also a basic example in the tests folder in the module : https://github.com/maxmods/bah.mod/blob/master/dbsqlite.mod/tests/auth_test_01.bmx When trying to access the database without first authenticating, you will get an error. I've no idea how secure a password protected database is. Is the email address listed in your profile still valid? Yes, it's the one for all BlitzMax related things. Please let me know if you have any issues. |
| ||
| Hi Brucey, Thank you so much for this update. I am checking this out and will try to integrate this into my existing application tonight. I am also using one of your other module "libcurlssl" and have some issues with this. I managed to get a correct response from the online selling site "gumroad.com" using the curl.exe on my computer but have no success from within Blitzmax to replicate the results. I am hoping that the answer will be obvious to you. The password protected database and the online verification of the licence keys from the gumroad server are the 2 pieces of the puzzle I am trying to put together. I would prefer to discuss this via email as it involves disclosing valid licence keys. I will revert back to you by email by tomorrow at the latest and I will of course keep my word. Thank you Best regards Marc |
   |