Important: Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

Question(s) regarding working with SQL database and Qt



  • Hello all,
    I have been looking into using databases with my Qt application. I have a few questions regarding database and Qt.

    1. There might be instances where I need a password to access my database. Is it possible to create a new database within Qt and attach a username/password to it?

    From this forum post: https://forum.qt.io/topic/99654/qt-sqlite-and-username-password/6 it would appear that this was not possible. However, the posting is a half year old. So is this still the case? Or would I have to still use sqlcipher?

    1. If I don't want to use SQLCipher, then would I be able to prepare a blank SQL database on another computer, set it up with a username and password, and then access it using Qt's methods?

    2. The database will be storing user login credentials. I will be encrypting the password for each user. I was thinking about using something similar to this line of code:

    QString result = QString(QCryptographicHash::hash(("GoGuD"),QCryptographicHash::Md5).toHex());

    I think that I will be using a better algorithm other then Md5 but is this the recommended method for encrypting/decrypting password hashes? Or is there a better method?

    Thank you

    (BTW, How do I designate a line as code instead of text? The option for this seems to have disappeared. Is there a keyboard shortcut that I can still use?)



  • @omni_philm said in Question(s) regarding working with SQL database and Qt:

    The database will be storing user login credentials.

    It sounds like a very bad idea...
    You may want to store a HASH of the credential


  • Lifetime Qt Champion

    Hi,

    Do you mean you would like to have user handling system like PostgreSQL but for SQLite ? And after that store other user credential ? A bit like a Django application ?



  • @pablo-j-rogina

    Hello, thank you for the reply. Yes, I am storing the password as a hash



  • @sgaist

    I am not too famaliar with PostgreSQL. Maybe? Not very famaliar with that one.

    All I am looking for is to set a database with a username and password so that the database cannot be accessed outside of my application.


  • Lifetime Qt Champion

    @omni_philm said in Question(s) regarding working with SQL database and Qt:

    All I am looking for is to set a database with a username and password so that the database cannot be accessed outside of my application.

    You have to be more precise with what you want to implement. A database with a name and password to access is way to generic. Do you want to use SQLite ? A network accessible database ? What is the goal of your application ?


  • Qt Champions 2019

    @omni_philm To add to @SGaist : setting user name and password does not guarantee that nobody else will be able to access the data. Data in SQL databases is usually stored without encryption. If somebody has access to the database file (for example if you use SQLite) he/she will be able to read the data.
    So, you really have to be more precise and describe better what you want to do.



  • @sgaist said in Question(s) regarding working with SQL database and Qt:

    SQLite

    @jsulm and @SGaist

    I see, I think that I was getting some details mixed up.

    The database will be on an embedded solution. It does not need network access. The database will be stored and accessed locally on the hardware.

    The database will be storing UAC settings (username, passwords, groups/permissions, etc.)

    The application will be running on machines for clients. Most of the clients will not need encryption but some might. I guess that the QT SQL framework does not support database encryption. If i wanted that, I would need to use the SQL Cipher library.

    Due to the popularity with embedded systems, I am thinking that I will go with a SQLite database. Unless there is a much better database that is supported by Qt that I can use.

    I hope that this post clears up a few questions!


  • Lifetime Qt Champion

    Qt cannot provide what backends doesn't support. SQLite has nothing for encryption so yes, SQLCipher is the right solution.

    Note that you can find instructions to build a Qt backend for it.



  • @sgaist

    I see. Thank you for your reply.

    Can you name a few databases that support encryption that Qt supports? I would like to take a look at these and evaluate them for my application.

    In regards to the backend, would you be able to post a link for creating one?

    Thank you


  • Lifetime Qt Champion

    Well, a very quick search turns that for PostgreSQL.

    Before going further, the first thing to do is to determine what you need from a database. Do you really need/want a database server for your application ?



  • @sgaist

    Probably not but project requirements may require the use of an encrypted database under certain conditions. Most of the time , an unencrypted database will be sufficient.


  • Lifetime Qt Champion

    That doesn't answer the main question: does that project require the installation and thus administration of a fullblown SQL server ? If not then the SQLite or SQLCipher will likely be enough.


Log in to reply