How to get User Data from the App? - ios

Is there a way to get data from the user while they use my app on their device (iPhone/iPad). For example, if the app fills a dictionary during the runtime about which avatar is used most of the time and which avatar not, is there a way to transfer that dictionary to me? Do I need a server?
This is my first time thinking about data transfers over the internet. I don't have any idea or any experience on how to do that. Somehow I feel it is impossible for some security reasons. I found the NSURLConnection class, but this seems to be only one way to move data from a server to the app.
Thanks.

Not sure if I fully understand the question, but I am assuming you would like to get information about how the user is using your application?
This is definitely possible; and yes, you will need a server to send, retrieve or store the information that you require, or else there is no way to get the data from the application to you! You will need to learn how server side and client side web scripting works (if you do not know already) as this is how the application will communicate with your server.
Depending on the kind of information you are trying to retrieve, there may be security issues and Apple may not accept your application. However, if your data is specific to your application features, there should be no issue of this kind.
HTH

Related

Anonymous contact form iOS app

I currently work at a school and have an idea to create an app that allows students to contact a grown up (for example, the principle) anonymously through an app. The app would quite simply consist of a contact form. I am trying to find out the best, and easiest way to achieve this without setting up servers with a separate API. Does anyone have a suggestion on how to achieve it? Is there any way to set up an e-mail form with a pre set recipient and a built in sender-account? Please guide me in the right direction.
You would need to implement an SMTP client. You can use open source code like skpsmtpmessage
It's likely that their example app could be your solution.
Your biggest problem will be the deployment. You definitely need to pay an $99/y developer account and add all the students device ID's to your account (with a maximum of 100 devices/y) or register all of them as beta tester (I don't know the limitations).
Probably this isn't doable so easily, as it seems you don't have iOS developing experience so far. Maybe you can find something on the app store that works with self hosted databases. But you definitely need to host some kind of webApp/API.
You may want to give Appygram a try to handle the back-end if you are able to set up the contact form itself. While it's a separate hosted API, at least you don't have to build/manage it.
Appygram is a free web service that would allow you to configure all the details such as which adults could be contacted, their point(s) of contact (i.e. email address), and it would process and send all the submissions for you. All your app needs to do is send a form post request.
A nice thing about having this information outside of the iOS app itself is that you can change the contact details on the fly without requiring an update to the iOS app itself. Whether you use Appygram (which, since I contribute to it, I am slightly biased toward!) or something similar, I would say that since this is for students, I would recommend a solution that would allow you to update your configuration without requiring app updates.
Finally, I'd second what Julian said. The challenge here could be with deployment. One possible alternative would be to make this a mobile-friendly web page accessible only via student login or on the school network (or both). Would probably be easier development-wise and wouldn't require installs nor the hurdles that Julian described with device registration, etc. And, Appygram would still work with this setup as well.
Good luck!

Prompting for credentials on saving data

I am developing an ASP.Net MVC4 app that uses windows authentication. One of the requirements of the app is to prompt for credentials when an item is edited, even though the app is already aware of the user's credentials (User.Identity.Name). This requirement is necessary to meet FDA software validation standards.
I read I can do Response.StatusCode = 401 and that will force a login prompt, but I am not aware of a way to capture that information so I can save it with the data. I also read doing this has other side-affects.
Would I have to use a mix of forms and windows authentication? If so, does anyone know of examples that might help me get started? Like I said, I have to capture the user credentials so I can save it with the data.
The basic purpose of the prompt is to ensure that the person editing the data is who they say they are. For instance, I can walk away from my computer with the app still open and someone else can come along and change data in my name. Hope that makes sense.
Thanks.
Anything dealing with reauthorization will need to be customized for your specific needs.
My recommendation would be to open a (client-side) modal with username/password, and pass that information along with the rest of your POST data. Obviously you will need to have a fallback for <noscript>, if that's a requirement as well.

How to modify presence subscriptions workflow on ejabberd server?

I am developing something with ejabberd server. I came to the need of changing the subscription logic. I am using ejabberd-2.1.11
My need is on how the subscription works, I would like to change the logic so that users upload their roster contact with subscription both automatically and and save in in the rosterusers table-colum subscription immediately to be B. So that they should be able to see online and in their contacts at least when the first one has already registered to the server. ( hope this make sense for you and is valid)
I am a very beginner in erlang and ejabberd architecture but I have already developed some basic modules, my question to you is if you could help me on this regard, how difficult is to make this change and if you could give me some hints where the changes would be
I'd stay away from modifying the server, it conforms to standards and follows the specification. So if you ever need to move to another server or upgrade, you know it's just going to work.
What you would do to achieve this is implement this behavior on the client using the server's features.
If you are really sure you want to modify the server, mod_roster.erl is the file you want to be looking at.
If using an external DB, you can also modify the DB directly, but changes won't be reflected until the clients log back in.

Can IsolatedStorage of Windows phone be hacked?

I use my app to download file then I save into IsolatedStorage.
Can someone hack and get my files or folders from my app?
I do not know how IsolatedStorage protects its data? Do we have another ways to protect data in IsolatedStorage?
Yes your data is vulnerable.
If this data contains user details, like emails, passwords or even personal information then this should be made secure.
If you are storing information about a user's favourite colour or favourite car then this CAN be deemed as "not sensitive" and you will then have to decide whether you want to protect this.
Always assume that people can get at your data. It's just a matter of time before they can access it (just look at how people have jailbroken the iPhone and a vast array of other smart phones for that matter).
Remember Security is not obtained through Obscurity
The following link has good answers in relation to Isolated Storage on Windows...
https://security.stackexchange.com/questions/5660/how-secure-is-isolated-storage-on-windows
From within a managed application it's not going to be possible to access the Isolated Storage of another application. However from native code that's another matter, and WP8 has support for native code...
http://msdn.microsoft.com/en-us/library/windows/apps/jj681687(v=vs.105).aspx
Plus The following article asserts that there's only a registry in the way of a hacker who wants to get unmanaged code on to WP 7.1...
http://www.wpcentral.com/let-hacking-begin-how-windows-phone-7-can-run-native-unmanaged-code
So on WP7 it's pretty clear your app shouldn't store any sensitive data in isolated storage on WP and on WP8 it's even clearer. If you can avoid putting sensitive data in isolated storage do so, otherwise you'll need to encrypt the data, and then of course you need to consider the security of the encryption and the keys used to decrypt and encrypt the data. The following looks like a good guide on how to do that best...
http://msdn.microsoft.com/en-us/library/windows/apps/hh487164(v=vs.105).aspx
At the end of the day security is nothing more than a series of hurdles for a hacker, ultimately they'll probably get access to the data if they're really determined and have the skills and resources available to do so.

Some help with Sencha Touch Database connectivity please

I am a beginner in Sencha Touch.
I am stuck with connecting my web pages(Sencha Touch) to the database(MySQL).
There are submit buttons in various pages which when clicked should send data to the database. But in my case sending data to the DB is possible only from the first page.I should comment the submit button handler of all other pages to send data to DB from any particular page.
Also sending data or retrieving data- only one of them is possible in a single execution.
Problem might be silly, but please I'm really desperate now trying to solve this.
Can someone help me please.........
Thanks in advance...
I'm guessing you have some server code in the mix too, since I don't know how else you would get a JavaScript app to read from and write to a database server directly.
You should be using the Ext.data.* package to bind your app's model stores to some sort of server interface (e.g. AJAX, REST, XML, etc etc) and all the proxies for these have full CRUD implementations.
See: http://dev.sencha.com/deploy/touch/docs/?class=Ext#namespace?class=Ext.data.RestProxy for example
If your server provides an API that provides results in response to an update, I think it would be simple to adapt a proxy to use that response to keep the two data stores (on server and client) strongly in sync.
But would need to know more about what you are trying to do.

Resources