Web host being difficult?

Energize · 11 Dec 2013 at 14:44

I have created a local database for a client and want to put information submitted into a website into it.

Unfortunately the web site is hosted elsewhere by possibly the worst host I've ever seen.

Currently form submissions are emailed the to the client and you get any random date formats etc.

I asked them to create a table and put all the data they receive into that, and give me an account with select permissions to access it so I can just select * and put it into the local database.

However they said they won't give me sql access as a "security" policy, are they being awkward here? I use a similar approach for websites I personally host.

What should be a trivial task is being made pretty difficult I must say.

GravyMonster · 11 Dec 2013 at 16:35

I'd suggest either moving hosting, which will be a time consuming pain in the penis. Or alternatively use a cloud storage provider such as Windows Azure, then you don't need anything from your hosting provider.

Energize · 11 Dec 2013 at 18:05

Moving hosting was my first recommendation but the client who has been with them for years has unfortunately already been fleeced for the sum of £350 for the next 12 months hosting.

I'm now thinking of asking them to insert the data into a table on my webserver so I could then retrieve it remotely. I was just trying to find out if they are being awkward or if there is some actual security risk in allowing a specific ip address to connect to a database on their remote server with select permissions.

Because I have loads of mysql databases on my server that I allow authenticated limited remote access to without any issues.

Caged · 11 Dec 2013 at 18:17

Surely you already know the credentials for the database that this form data is ending up in? If the issue is that they don't allow database connections from anywhere other than their own web servers then can't you just upload a script in the language of your choice to query this database and spit it out as a CSV file?

Energize · 11 Dec 2013 at 19:53

Currently the form data isn't being put into a database, it is emailed to the client, presumably over an unsecured connection and is certainly not encrypted at the end point, there's no validation performed, and even the html form has no formatting in it, date of birth is a text field etc. Hence bad web developers.

I want this information to go into the clients local database, so I have asked the hosting provider to format and validate the data correctly and put it into a database table that I can connect to and select data from, that avoids remote connections to the clients db server that I've set up.

It's trivial for me to do that in a java program which executes on a regular basis and everything is already set up for that.

Dealing with .csv files is surely going to result in extra work in putting that into the local database?

Caged · 11 Dec 2013 at 21:05

So is the hosting provider the web developer in this scenario then? I'm struggling to work out how it's up to a web host to deal with the functionality of a site on their servers.

There may be several reasons why they won't allow external access to their DB servers, if they are only intended to be accessed from their hosting platform then it makes sense. If there's a system in place keeping configurations in sync then making an exception for your IP might be more trouble than it's worth.

Hades · 11 Dec 2013 at 21:20

I don't quite follow the order of events but a spreadsheet with validation on the relevant cells does seem to be one approach if you can't add some kind of web front end to the database. There are various free libraries that will read and write excel format files in Java.

Energize · 11 Dec 2013 at 21:51

Caged said:
So is the hosting provider the web developer in this scenario then? I'm struggling to work out how it's up to a web host to deal with the functionality of a site on their servers.

Yes, they are one of those generic web site creation companies that build and host websites.

There may be several reasons why they won't allow external access to their DB servers, if they are only intended to be accessed from their hosting platform then it makes sense. If there's a system in place keeping configurations in sync then making an exception for your IP might be more trouble than it's worth.

But then how do they expect businesses to get information into their own databases if they don't allow access to their db servers? Loads of arsing around writing programs to handle csv files?

By far the simplest method to get the form data into the local database would be to query theirs.

The client does want me to host the website in the future because of how awkward they feel the company has been on the phone with them in regards to other matters. Unfortunately it will be some time before that happens.

Caged · 11 Dec 2013 at 22:44

Normally you'd expose APIs on whatever web application you are running as an extra layer of data sanity checking and a way of setting permissions without having to create hundreds of database user accounts.

If they have a web service that has no API and no other way of getting access to data without dumping the results of queries into files then that's unhelpful.

Energize · 11 Dec 2013 at 23:38

The email response was that it would be easiest for them to post me the data when the form was submitted, (I can only assume that he meant sending the form data to a web server operated by me!) or if that wasn't possible then making some kind of dynamic csv file available. Both of which seem like awful solutions.

Almost forgot about API's which is bad considering I'm working on one for another project lol. That would also be acceptable, however based on the response I can only assume there isn't one...

daz · 12 Dec 2013 at 22:19

It depends on what database it's in, but you could use this:-
http://www.adminer.org/en/

Upload, enter the local connection credentials that the script is already using and hopefully you should be able to get access.

Energize · 12 Dec 2013 at 22:36

daz said:
It depends on what database it's in, but you could use this:-
http://www.adminer.org/en/

Upload, enter the local connection credentials that the script is already using and hopefully you should be able to get access.

As I said the host will not allow me to connect to the database server...

blade007 · 12 Dec 2013 at 22:53

Caged said:
So is the hosting provider the web developer in this scenario then? I'm struggling to work out how it's up to a web host to deal with the functionality of a site on their servers.

Energize · 12 Dec 2013 at 22:55

See post #8.

Deleted member 77746 · 13 Dec 2013 at 13:44

Move hosts. Plenty do give you access. TSOHOST for example.