With my new website successfully off the ground I've started the next phase, stream lining the process of uploading photos. The app that I plan on using will be a private app. I'm exploring whether I should (1) pay someone to code this app for me, (2) buying the required frameworks such as FTP and GUI and piecing it together or (3) actually learning Objective-C and doing this myself from the ground up.

• I think Option 1 would be a fantastic jump start into this. I'll have an app already made and functional and I'll be able to look at the source code and figure out how it works, making a second app to tweak and experiment with.
• This may be a bit more expensive, but purchasing the required chunks and then putting the puzzle together is less ideal. I'd still need to learn C++ but at least I'd have the more complex parts already done.
• I have no date for when I need to finish this app so I think option 3 is the preferred route. I also need to be realistic. I've never written anything more than PHP and Objective-C is a lot more complex.

Though, those three points are outside of my scope right now. I can do any one and still not have a working app unless I got the web server to communicate with the app. I realize FTP is pretty straight forward and requires no server side configuration other than a user and password. I know how to get information from a MySQL database - using the URL and the PHP variable $_GET and that info can be parsed by an app on a phone and displayed with a GUI.

But what I don't get is how to send data to the database. Such as putting image title, shutter speed and such. Okay, so I think I just figured it out... I assume it'd be by sending that data over a URL but rather than retrieving information, use it to save information. Is there a more elegant slash secure way to do this? I don't want the URL to leak and have random people submit data to my database from outside the app. For what it's worth, I upload the photo using an app then navigate to a webpage that triggers a script to process the uploaded image(s). If anyone were to discover this page the worst they could do is run the script and process any photos. All the data is retrieved from the photo itself. With the app, the phone will send the data from the photo over a URL and upload the resized versions of the picture, essentially taking the load of this task off the server.

I'll be exploring sending data to a database over the next few weeks using my browser and a URL - simulating a mobile app and the same URL idea - and coming up with ways to secure it myself such as a key stored on the server that is matched with a key sent from the app, aka a password. I already have a working user database so that is do able.

To rehash my question:

• Mobile platform aside, how do I securely send data to a database?

I'll tell you what my team is doing for app development. We use WebSockets with OpenSSL to connect to a node.js instance on a server to handle requests as well as interfacing with a MySQL-compatible database. WebSockets are supported in HTML5 (secure, check browsers) and shouldn't be bad in whatever you make your app in. (Qt 5 here for mobile, but mobile-specific languages should have something)

I'll look into that. My primary web server requires me to purchase an SSL certificate for any encrypted connection - though, mail is excluded from that - so I don't even have SFTP or https but I'm using them because the PHP functions I need are enabled there. With the app I can drop them and go back to my old host with SSL/HTTPS/SFTP since the data processing would be on the device and sent over.

I'll point one of my unused domains to my secondary host and try it out. Thanks!