Create Your Own "Secure" Tinywebdb using php

Been working this up for a few weeks in my spare time, is a sort of tinywebdb that only uses the web component, and php files on an online server. The database is pin protected and encrypted.


Your Own Secure php TinyWebDB


  • Happy to discuss “secure” :wink:

  • This approach is probably best suited to more advanced AI2 developers, and those with an understanding of php servers


Looks good Tim :star_struck:

Thanks Chris. The aia demos are a bit rough around the edges, but the basic method of saving and retrieving data, whilst keeping it “secure” on the server is the key…

Another key factor is that it’s independent of 3rd Party solutions, so there is no need to worry about Google etc suddenly announcing the withdrawal of a service that your App depends on.

Plus of course it is of great educational benefit too (including myself).

Very educational, especially the php code.

Do all TinyWebDB implementations read the entire database into memory,
update in memory, then rewrite the entire database?

If so, maybe they should be called TeenyWeenyEensyWeensyDB ?

Not necessarily, it is required due to the encryption, but it all happens server side, no overhead on the app.

I was worried about database ACID.
The bigger the DB and the more frequent the updates, the more likely two updates will overlap and an update will be lost, unless there’s some sort of locking.

No need, each user has their own db, so they will only update their own db…
It is possible their may be issues with the php files being called at the same time?

Not a PHP user, but i'm guessing no problem outside of aforesaid common resource access.

@ABG THIS seems to answer most of the points you raised :wink:

From the article, it looks like web servers do a nice job of kicking off multiple PHP instances to access your database file(s). If the app user is the only database user, he’s fine.
But if there are multiple users for the same database file, I would worry if I don’t see the words “lock” and “unlock” near those file accesses, or in some configuration file somewhere.

As previously mentioned, the whole point of the venture is for each user to have their own database. This unique database is created for them when they register and can only be accessed by their login/pin code.

First of all it’s awesome job , thank you.

second of all , I wonder which one is faster in terms of reading/writting to records to database ( tinywebdb / Mysql ) can you please reply on that question ?

good luck

We are talking chalk and cheese here :slight_smile:

In my tests on a small dataset, the response from my server was almost immediate, even when returning the entire data.

One would expect mysql to be faster with large datasets, this effort is for smaller datasets as the whole text file is read/written each time something is created or modified.

You could always run some tests and report back ?

I followed all steps as mentioned in METRIC RAT AI2 - Your Own Secure php TinyWebDB

and i get this error in both companion and apk

@TIMAI2 check and give a solution. (Check URL: )
Also it's not creating a DB file in server, I set folder and files Read and Write and Execute Enabled

Also inputted in sub-domain ( and still error

i put only and it's working, after 3 hours finally solved the error

1 Like