Related
Well, after a lot of hours of work, I'm real close to putting my first app out.
It includes a 5MB database that can't be loaded from /assets due to it's size. The app itself is small.
Now, as I know it, there are 2 deployment methods:
1. Google Market
2. My own hosted site
Google Market is easy on end user...find an app, install (and pay if req'd). Works over 3g and WiFi. Gives you 24 hours to uninstall before you're credit card is charged. Drawbacks are one-time $100 vendor fee and 20% fee per download. Plus, as my apps may grow, the databases I use could get fairly large. Now, most phones can handle the size (my Droid goes to 40 gig with 32 gig SD card), but searching a huge database on the phone could lag like crazy.
A self-hosted site can be had for $50 a year from GoDaddy or 1 and 1 with FTP, MySQL databases and much, much more. With the SQL running on a hosted server, queries would be fast. Drawbacks are the user has to download Google ADB package, app and database. Then hook-up phone via USB, set a couple of settings on the phone and actually run the "adp install <package name>". Then you need some type of payment center (Paypal) and possibly a refund policy.
So, I'm on the fence here...comments and suggestions appreciated!
From what I've read, lagging for loading databases can be brought to a minimum by altering the way it loads. Instead of loading all the content up front (possibly with a dialog to keep the user amused while waiting) or by loading it as the information comes in. The listView might lag because of the phone's memory available as opposed to a problem with the app. It could be the app. If it needs resources, then make it a top priority and allow it to tell the OS to kill other resource-hogging applications to make way for the information download. It's just a speculation. I don't know this for sure, but I would check the Android Dev site and other places for more information.
Interesting idea...I could just set the data (about 80,000 rows) up as a flat file and then do an INSERT based on user input. Do query, return results and delete rows from table. That takes it to, on average, about a 2,000 row table.
Not sure how I can encapsulate (hide) the data from prying eyes or worse yet, changes to the data! But I will research that idea further and do some code changes and testing....thank you very much
I decided to get a hosted site for a couple of reasons:
1. To get my OWN MySQL databases
2. To create a web site to drive my business and apps delivery
I've finished my application and it works great. 80,000 row database on server, app is 40kb on the phone. Data retrieval is fast...i can get over 100 rows back in 2 seconds on 3G; WiFi would be even faster.
I've decided to push my apps to users via the web site. I'll offer a crippled demo version for review before they buy...no return policy. That is, if you like the demo and buy it, well, you made the choice LOL
I'm still not warm and fuzzy about making user download adb package, hook-up phone via usb and install. But I'll offer something I don't see much on Google Market and that is: SUPPORT. Each app I create will have it's own e-mail address for comments, concerns, enhancements and, god forbid, bug reports. I'll probably also offer free updates if I change the program or upgrade the database.
Well, time to go do the web site. I'll admit I would rather be coding vs. web site design!
Why not both? You could use google and it's HUGE base of users (which may never even know about your app otherwise) and still host the database online at your site. Note that many (most) phones are crippled by the carrier to NOT allow downloads from anything but the market.
Frankly, I think you could probably do it more efficiently. I don't know the details, but why not have the app download the database from your site upon first usage and store it to SD card? A local copy even on an SD card will be orders of magnitude faster than any online solution.
Yeah, I'm still 50/50 on it.
Speed is not an issue on this app; max rows I pull back may be 60 and it takes 2 seconds. Literally, by the time your finger is off the "Search" button, you have your data And if you think about it, how many databases are out there already that people are hitting off of web pages? My 2 second download was on 3G, I imagine the WiFi to be even faster (just tested it on WiFi...3G was faster LOL)
I like the control of the database on my end and it keeps the user from having to download a new copy if the database is updated.
And I'm trying to look at the big picture here too. I'm an unemployed programmer after a 13 year career. I don't mind coding apps for "the people", but I want to get my foot in the door of business' that are going to need smart apps, just like they all needed a web page years ago.
I just have to do some more research and make a decision. However, I do think you are right; the market has huge exposure and can even lead people to my site. The hosted sites is dirt cheap...$50 a year.
I know my app is pretty solid, just hate to think about paying that one-time vendor fee and the 20% per download. Then again, that takes ALL the billing concerns from me; the market handles it all.
Thanks for your feedback!
Need an apk that signs my update.zip files from titanium blackup.
I don't understand why it hasn't been done. The code to do it is already in java! Search the forums for testsign.jar
I know everything you need to do to get it done but I don't have a development environment at my disposal. Help me out and I'll show you how to convert your jarred up code libraries to run on android!
Please and Thank You.
* edit - this question has been solved by brainmaster! ZipSigner if you find this application helpful please thank him below.
- Posted via mobile
New application proposal: ZeroNetAccess (ZeNA?)
Concept: an app that can block other apps network access.
Market alternative: DroidWall (root only, low market potential)
Methods: Maybe by modifying the apk manifest and resigning? Im not sure if there is a framework you could subclass for this.
Why: i turned off stats reporting for an app and i saw it writing reports to the web from logcat. Google took our rights away by not letting us do this from the application settings. Its my device and i have to pay the bill not google or the rude ppl who made the app. I will never understand why we were not given the right to administer mobile data access rights.
Potential: highly lucrative. People want to save money nowadays. In that respect voiding phone warranty for root access may not sit well with potential customer.
- Posted via mobile
Avid Droidery said:
New application proposal: ZeroNetAccess (ZeNA?)
Concept: an app that can block other apps network access.
Methods: Maybe by modifying the apk manifest and resigning? Im not sure if there is a framework you could subclass for this.
Why: i turned off stats reporting for an app and i saw it writing reports to the web from logcat. Google took our rights away by not letting us do this from the application settings. Its my device and i have to pay the bill not google or the rude ppl who made the app. I will never understand why we were not given the right to administer mobile data access rights.
Potential: highly lucrative. People want to save money nowadays.
- Posted via mobile
Click to expand...
Click to collapse
For rooted devices try DroidWall
Application Proposal: Web Page to PDF/HTML Safari Plug-In
Concept: Seriously?
Why: Cant save pages from the browser I safari always reloads the page when you come back to it from other activities (pointless nethog!) whats the friggin cache for anyway? It is better to save an article copy that you could view on the computer later or add to your info library if you write books or do any kinda technical research than it is to save a bookmark that may become 404 not found. Researchers nightmare!
Methods: execute shell command wget on page source. Use regular expression to get media list. Build directory tree. For each media call wget. Done.
Potential: medium. Not many people are so technically inclined.
Usefulness: extremely high, especially with zip/+email caps.. Roundabout source code viewer for nosy/curious folks.
Average potential, stream lehigh usefulness I would sell for a buck 99. Free (1 ad per saved page, no zip email)
- Posted via mobile
3rdstring said:
For rooted devices try DroidWall
Click to expand...
Click to collapse
Thank you! Will do!
- Posted via mobile
Application proposal: WarBastard
Concept: wardriving app featuring google my maps! Maps are shared globally by locale. Signals can be pinpointed by triangulation through cross reference of mac address, signal strength and previously detected locations in a global locale based database. While we are at, throw in a google navigation intent, and a compass with distance to closest accesible AP! Dont stop there! I wonder where that cell tower is located?
Purpose: to aid weary travellers and cheap bastards to connect with their loved ones and services over open networks. Services could also be used for cellular network signal diagnostics across hundreds of thousands of devices.
Potential: astronomical I would pay 5 bux. Better yet 12 bucks per year. Free (1 ad per download of database, 1 ad per connect to AP. Possibly integrated with APs for increased revenue potential across the board.) The map data can also be used to find good places to set up an advertising AP 4 even more potential earnings.
Anybody wanna pay me to sit around and do this all day? Lol.
SERIOUSLY you are looking at my qualifications. Asking 50k p. yr. to start Project Mgr./Analyst/Sr. Developer. consulting options available. Willing to relocate. Pm for inquiries/proposals.
- Posted via mobile
Avid Droidery said:
Need an apk that signs my update.zip files from titanium blackup.
I don't understand why it hasn't been done. The code to do it is already in java! Search the forums for testsign.jar
I know everything you need to do to get it done but I don't have a development environment at my disposal. Help me out and I'll show you how to convert your jarred up code libraries to run on android!
Please and Thank You.
- Posted via mobile
Click to expand...
Click to collapse
You should use the search function: ZipSigner.
It implements in the Titanium Backup and signs it on your wish.
brainmaster said:
You should use the search function
Click to expand...
Click to collapse
You are correct. I should never have assumed that this wasn't already in the market. Actually I didn't really plan to use this to sign titanium backups. For my purpose however the concept is the same.
* edit Human beings arent the fastest search engine but collectively we are the most accurate information sources on the planet. feel free to quote me on this
I thought that it would be better to ask someone who might know than it would be to search for something that may not exist. If I had access to a computer I would have no questions to post. Only answers! Being that I am stuck on my android for the time being, I appreciate all the help I can get!
Thank you for providing me with another helpful for resource!
* Edit: Dear brainmaster, words cannot express my level of gratitude! I am truly overjoyed by the passing of this shortcoming. Signapktic is exactly what I was looking for and I never would have found this application had it not been for your assistance. The topic of this thread is kick ass apps wanted. Even though this is an application that no longer needs to be developed (because real developers don't reinvent the wheel unless absolutely necessary,) you have met or exceeded the topic issue with flying colors!
- Posted via mobile
New application proposal: Launchpad Homescreen Widget
Concept: a widget that will pop up an on screen menu (complete with icons) onClick similar to pc desktop start menus. Customizable shortcuts Horizontal or vertical (and scrollable) layouts by preference and Customizable folders.
Why: I would rather have a feature like this than an app drawer any day. This would allow individuals to organize launcher short cuts by task. It would also be great if it were possible to open files in the system such as pdf, video, music or text files with appropriate application. Another great feature would be the ability to launch shell scripts. I have searched the market and nothing like this was found.
Potential: high. will save customer time allow them to become more visually organized and task oriented as well as adding more visual appeal to the home screens. $5.99 I would buy it! Time limited trial only.
- Posted via mobile
The Vulnerability
In recent updates to some of its devices, HTC introduces a suite of logging tools that collected information. Lots of information. LOTS. Whatever the reason was, whether for better understanding problems on users' devices, easier remote analysis, corporate evilness - it doesn't matter. If you, as a company, plant these information collectors on a device, you better be DAMN sure the information they collect is secured and only available to privileged services or the user, after opting in.
That is not the case. What Trevor found is only the tip of the iceberg - we are all still digging deeper - but currently any app on affected devices that requests a single android.permission.INTERNET (which is normal for any app that connects to the web or shows ads) can get its hands on:
the list of user accounts, including email addresses and sync status for each
last known network and GPS locations and a limited previous history of locations
phone numbers from the phone log
SMS data, including phone numbers and encoded text (not sure yet if it's possible to decode it, but very likely)
system logs (both kernel/dmesg and app/logcat), which includes everything your running apps do and is likely to include email addresses, phone numbers, and other private info
Normally, applications get access to only what is allowed by the permissions they request, so when you install a simple, innocent-looking new game from the Market that only asks for the INTERNET permission (to submit scores online, for example), you don't expect it to read your phone log or list of emails.
But that's not all. After looking at the huge amount of data (the log file was 3.5MB on my EVO 3D) that is vulnerable to apps exploiting this vulnerability all day, I found the following is also exposed (granted, some of which may be already available to any app via the Android APIs):
active notifications in the notification bar, including notification text
build number, bootloader version, radio version, kernel version
network info, including IP addresses
full memory info
CPU info
file system info and free space on each partition
running processes
current snapshot/stacktrace of not only every running process but every running thread
list of installed apps, including permissions used, user ids, versions, and more
system properties/variables
currently active broadcast listeners and history of past broadcasts received
currently active content providers
battery info and status, including charging/wake lock history
and more
Let me put it another way. By using only the INTERNET permission, any app can also gain at least the following:
ACCESS_COARSE_LOCATION Allows an application to access coarse (e.g., Cell-ID, WiFi) location
ACCESS_FINE_LOCATION Allows an application to access fine (e.g., GPS) location
ACCESS_LOCATION_EXTRA_COMMANDS Allows an application to access extra location provider commands
ACCESS_WIFI_STATE Allows applications to access information about Wi-Fi networks
BATTERY_STATS Allows an application to collect battery statistics
DUMP Allows an application to retrieve state dump information from system services.
GET_ACCOUNTS Allows access to the list of accounts in the Accounts Service
GET_PACKAGE_SIZE Allows an application to find out the space used by any package.
GET_TASKS Allows an application to get information about the currently or recently running tasks: a thumbnail representation of the tasks, what activities are running in it, etc.
READ_LOGS Allows an application to read the low-level system log files.
READ_SYNC_SETTINGS Allows applications to read the sync settings
READ_SYNC_STATS Allows applications to read the sync stats
Theoretically, it may be possible to clone a device using only a small subset of the information leaked here.
I'd like to reiterate that the only reason the data is leaking left and right is because HTC set their snooping environment up this way. It's like leaving your keys under the mat and expecting nobody who finds them to unlock the door. For a more technical explanation, see the section below.
Additionally, and the implications of this could end up being insignificant, yet still very suspicious, HTC also decided to add an app called androidvncserver.apk to their Android OS installations. If you're not familiar with the definition of VNC, it is basically a remote access server. On the EVO 3D, it was present from the start and updated in the latest OTA. The app doesn't get started by default, but who knows what and who can trigger it and potentially get access to your phone remotely? I'm sure we'll know soon enough - HTC, care to tell us what it's doing here?
Technical Details
In addition to Carrier IQ (CIQ) that was planted by HTC/Sprint and prompted all kinds of questions a while ago, HTC also included another app called HtcLoggers.apk. This app is capable of collecting all kinds of data, as I mentioned above, and then... provide it to anyone who asks for it by opening a local port. Yup, not just HTC, but anyone who connects to it, which happens to be any app with the INTERNET permission. Ironically, because a given app has the INTERNET permission, it can also send all the data off to a remote server, killing 2 birds with one stone permission.
In fact, HtcLogger has a whole interface which accepts a variety of commands (such as the handy :help: that shows all available commands). Oh yeah - and no login/password are required to access said interface.
Furthermore, it's worth noting that HtcLogger tries to use root to dump even more data, such as WiMax state, and may attempt to run something called htcserviced - at least this code is present in the source:
/system/xbin/su 0 /data/data/com.htc.loggers/bin/htcserviced
HtcLoggers is only one of the services that is collecting data, and we haven't even gotten to the bottom of what else it can do, let alone what the other services are capable of doing. But hey - I think you'll agree that this is already more than enough.
Patching The Vulnerability
... is not possible without either root or an update from HTC. If you do root, we recommend immediate removal of Htcloggers (you can find it at /system/app/HtcLoggers.apk).
Stay safe and don't download suspicious apps. Of course, even quality-looking apps can silently capture and send off this data, but the chance of that is lower.
Affected Phones
Note: Only stock Sense firmware is affected - if you're running an AOSP-based ROM like CyanogenMod, you are safe.
EVO 4G
EVO 3D
Thunderbolt
EVO Shift 4G? (thanks, pm)
MyTouch 4G Slide? (thanks, Michael)
the upcoming Vigor? (thanks, bjn714)
some Sensations? (thanks, Nick)
View 4G? (thanks, Pat)
the upcoming Kingdom? (thanks, Pat)
most likely others - we haven't verified them yet, but you can help us by downloading the proof of concept above and running the APK
HTC's Response
After finding the vulnerability, Trevor contacted HTC on September 24th and received no real response for five business days, after which he released this information to the public (as per RF full disclosure Policy). In my experience, lighting fire under someone's ass in public makes things move a whole lot faster, which is why responsible disclosure is a norm in the security industry. (This is where we come in.)
As far as we know, HTC is now looking into the issue, but no statement has been issued yet.
HTC, you got yourself into this mess, and it's now up to you to climb out of the hole as fast as possible, in your own interest.
The ball is in your court.
Credit
ANDROID POLICE
Huge thank you to Trevor Eckhart who found the vulnerability and Justin Case for working with us today digging deeper.
Hi there, I need help, someone is consistently hacking into my phone, htc evo 4g, they are penetration testers and pc savvy, currently I cant login to the phn for trying to do a factory reset. They kept intercepting me and now my password does not work. Who knows maybe they changed it on their side. I wrote down everything I saw. I was seeing all these process running for the same app. in my applications. My phone was getting hot, freezes but its people that live in my apt complex and at work. can you help?
zzm5 said:
Hi there, I need help, someone is consistently hacking into my phone, htc evo 4g, they are penetration testers and pc savvy, currently I cant login to the phn for trying to do a factory reset. They kept intercepting me and now my password does not work. Who knows maybe they changed it on their side. I wrote down everything I saw. I was seeing all these process running for the same app. in my applications. My phone was getting hot, freezes but its people that live in my apt complex and at work. can you help?
Click to expand...
Click to collapse
Is your device rooted?
I used root explorer and removed the HtcLoggers.apk and other than the forced close loop that removing it caused (requiring me to remove the battery), after rebooting all seems to be working fine.
EDIT: Actually I didn't just delete HtcLoggers.apk but moved it to a safe location on the SD Card in case there was a problem and it needed to be restored. I highly suggest you do this instead of just deleting it, or better yet, a nandroid backup.
there are a few good ROMS out there that have the ICQ loggers removed already.
Do we really need three threads on the front page about the same thing?
Version Alpha 0.6.0 is now available
I'm back! Not dead yet, I promise. This is actually a relatively small update in terms of user-facing features, with only one really big new thing - support for file uploading - but that's a lot bigger than it might sound. It's the first write support I've implemented in the server, and it also required some fairly massive updates to the HttpServer component (support for binary requests, for POST parameters, for MIME multipart parsing). These will be built upon in forthcoming versions to add support for things like registry editing, in-browser file viewing (possibly editing), and so on. There are also a large number of small fixes and improvements that I've made over the last two-weeks-shy-of-a-year, which should make the server faster, more robust, better able to support concurrent connections, and lighter on device resources. Finally, while the app still targets WP8.0 and should run on 8.0, it now is designed for 8.1 compatibility (especially the AllCapabilities version).
Previous update (0.5.6): This version is mostly bug fixes and UI changes. The biggest changes are: clearer display of weird registry data types, the server now consumes fewer threads (it used to spawn them with wild abandon) and does faster string compares, the app version is now shown on the phone, error pages are now better, if you launch the app without a WiFi IP address it'll offer to take you to the WiFi settings page, connections are no longer closed as soon as the app starts sending a response, and the server now defaults to using the Connection: keep-alive header, with a two-minute timeout. The last change, combined with the second-to-last, should hopefully both do away with the tendency to have the app fail to display a page. However, I shouldn't have *needed* to switch it to "keep-alive" - using "close" should have worked - but it still veeeery occasionally would kill the connection early. Agh. Anyhow, this is better in the meantime.
DevDB offers me a support / Q&A thread. Please use that thread to ask questions; don't PM me unless it needs to be kept private for some reason!
ISSUES ON WP8.1:
It *should* work to deploy the app with "Application Deployment", but if you have a problem try deploying with "Windows Phone Application Deployment 8.1" instead.
Problems have been reported in the past when the app is installed to the SD card. It's small, though; putting it on internal storage shouldn't be a problem.
RESOLVED The AllCapabilities version included a few capabilities that were present in 8.0 but removed in 8.1. Those capabilities have been removed; the AllCapabilities version now deploys and runs on capability-unlocked WP8.1 phones.
IN CASE OF OTHER ISSUES: Please provide a *detailed* error report - what phone and OS version you have, what hacks you've installed, what Webserver version you're running, what you do to get the error to occur, and exactly *what* occurs - and I'll fix it as soon as I can! There's a DevDB section for posting bug reports, and you can also use CodePlex if you want.
I finally implemented file upload! I'll work on getting more stuff like that (file delete, possibly file rename/move/copy, various registry edits), hopefully soon! I also hope to add support for different areas, like an "Applications" path, a "Processes" path, a "Services" path... eventually. Many of those are really hard without good privileges. I'm also looking at moving the server to a background process and making the app just a control UI for it, adding support for authentication and/or HTTPS, adding some stylesheets to the web UI, adding caching, and much more. I did finally implement Connection header support.
Once again, the XAP is published twice. One is a fairly standard XAP that any phone can sideload, and the second has many exotic capabilities to enable viewing of (and writing to) slightly more of the file system and registry. The standard XAP has had its list of capabilities expanded to pretty much all of them that can be used without interop-unlock. The high-capability variant requires not just interop-unlock, but the additional capability-unlock hack available in the interop-unlock thread. The AllCapabilities version now works with WP8.1; sorry for the long delay on that!
An item of note: the AllCapabilities version (or either version, on WP8.1) can open other drives in the file system. On phones with an SD card, it is mounted at D: and you can browse it as normal. Credit to @hjc4869 for this discovery!
DESCRIPTION: This is a simple webserver app which can enumerate those files that are in folders readable from the sandbox, can download and upload (access permitting) files, can browse the registry, and can display the contents of registry values of any type. It runs on WP8.x (not yet tested on W10M). It is a spiritual successor to the Functional Webserver / WebServer (Mango) projects from WP7. This version is still missing a lot of functionality as I decided to implement it from scratch, but it is advancing swiftly. Note that there's no access controls implemented; use it on a public network only at your own risk!
Instructions are simple: sideload the XAP, connect to WiFi (required), run the app (called "WebServer Native Access"), point a web browser (on a PC or phone that is also on that local network) to the URL that the app displays. You should get a basic index page. Click on a Filesystem or Registry link to begin browsing the phone. There's a textbox near the top of all filesystem pages, type in a path there (for example, "C:windows" with no quotes) and hit Enter or click Get Files. You'll see a list of the contents of that folder. Click on a file to download it or a directory to open it. There's also a box for uploading files, one at a time, to the current directory. Navigating the registry is similar, except you'll need to specify the registry hive and then the path from that hive (or no path, to access the root of the hive).
As of v0.6.0, uploading files is finally supported! Other modifications (editing files, creating, deleting, or changing registry keys or values) are currently not supported. They will be "soon" although my personal testing suggests that basically the whole registry, and most of the file system, is off-limits for writing unless you use restricted capabilities.
You might see an error code (error 5 is "ACCESS_DENIED", you'll see it a lot; I should replace it with an appropriate 403 or whatever). Or you might see a status 500 message because of an exception in the server. Or the server may just crash (hopefully not so often anymore...). I'm making it more resilient, but there are still bugs. Please report any previously-unreported issues you find, including how to reproduce them, and I'll fix them if possible.
Also feel free to request features or changes; I'll implement them if reasonably possible. The app is a mixture of C++ and C# code; I could probably have done it all in one or the other but wanted to have a C++ component in case I ran into something that wasn't available in C#, and although it probably would have saved some time, I decided that hacking up a web server in C++ was maybe not the best idea.
The source code is on Codeplex, at the following projects: https://wp8webserver.codeplex.com/ for the server and the app (C#) and https://wp8nativeaccess.codeplex.com/ for the native access wrappers (C++). You may have to fix up the reference paths to get the C# component to see the C++ component correctly. The code is reasonably well documented, but let me know if you have any questions. Permission to re-use the code or components is granted under the MS-PL (Microsoft Permissive License) as posted on Codeplex.
Go forth and find cool stuff!
Version history (see the git commit logs for more detail:
07 July 2013 - 0.2.0: Initial release, FS only, 920 downloads (source: 652 downloads)
14 July 2013 - 0.3.2: initial registry, HTTP server and web app encapsulation, source on Codeplex, 225 downloads
0.3.3: bugfixes, 454 downloads
0.4.2: basic registry values display, 86 downloads
0.4.3: bugfixes, 326 downloads
0.4.6: multistring registry values, bugfixes, updated libraries, first AllCapabilities version (950 downloads), 453 downloads
25 Oct 2013 - 0.4.8: binary and long registry values, formatting and bugfixes, 451 downloads AllCaps, 201 normal
22 Dec 2013 - 0.4.9: all registry value types, better threading, proper resume, remembers port, 97 downloads AllCaps, 53 normal
24 Dec 2013 - 0.5.0: background operation using Location APIs. Downloads: 1011 AllCaps, 963 Normal
20 Jul 2014 - 0.5.1: More capabilities, better navigation. Downloads: 358 AllCaps, 352 normal
07 Aug 2014 - 0.5.3: .REG export, better traversal, bugfixes. Downloads as of 0.5.5 release: 260 AllCaps, 164 normal
10 Oct 2014 - 0.5.5: Bugfixes and back-end work. Downloads as of 0.6.0 release: 140 AllCaps, 113 normal
25 Oct 2014 - 0.5.6: Bugfixes and UI tweaks. Downloads as of 0.6.0 release: 1720 AllCaps, 1334 normal
12 Oct 2015 - 0.6.0: Binary requests, file uploads, bugfixes.
XDA:DevDB Information
WebServer Native Access, Tool/Utility for the Windows Phone 8 General
Contributors
GoodDayToDie
Source Code: https://wp8webserver.codeplex.com/
Version Information
Status: Alpha
Created 2014-10-17
Last Updated 2015-10-12
I'm going to use this space to mention something that's pretty cool:
J. Arturo of http://www.komodosoft.net is using a modified version of the HTTP server that powers this app in the ShareFolder app (http://www.windowsphone.com/s?appid=e2b9c82e-eaa1-4a3b-9d4a-8a2933a8bdb4) to support opening video files directly from Windows network shares! This was done to work around a limitation of the WP8 media control: it can only source from an isolated storage file or a HTTP URL. By running a server in the background and streaming the video file through it, and pointing the video player control at the localhost URL, it becomes possible to play the file on the phone without first copying it to the app's isolated storage. A very cool way to solve the problem! Also, reviewing the changes that were made to the network code of the server pointed me toward those threading fixes I made that have hopefully much improved version 0.4.9.
Please note that the updated version of ShareFolder with this feature may not yet be available, although it should be soon. It is a commercial (paid) app, but the author sought and received permission to use my code (although the license does not require such permission be received).
What exactly is the problem with sockets? I am battling myself with sockets atm too, maybe we can share knowledge?
Strictly speaking, the problem was with the phone's limited subset of the Sockets API forcing me to access it through functions I wouldn't normally use (asynchronous everything, SocketAsyncEventArgs and lambdas and AutoResetEvents and so on everywhere...) but I've got a pretty good handle on it now, at least for the System.Net.Sockets.Socket and its friends. The new .NET 4.x ones (using the async keyword and all) are in a different namespace; I didn't mess with them. They are more abstracted from the Bekeley sockets interface that I'm used to from C, but they are also (supposedly) more user-friendly, especially if you don't feel like writing all your own thread management code (and in fairness, I should re-write the webserver's threading to use threadpools; they're better for this type of work).
If you want to ask questions about the topic, I suggest starting a new thread (possibly in the Q&A subforum, although it's also dev related...) and I'll answer if I can.
GoodDayToDie, just an idea: how about sharing your source code via CodePlex or GitHub?
Oh man, this is pretty nice! GoodDayToDie does it again!
So far, I can read \Windows, the current install folder which you access just by typing "." with no quotes and the current application folder by typing ".." I can access the .dlls, .winmd and AppManifest.xml from the current install, but from everywhere else, it goes boom. This is a great step towards something awesome though!
EDIT:
I was wrong. For some reason, when you click on a folder it's trying to "download" it, rather than chdir. I can get pretty far into the Windows directory.
THAT's what you meant by "Click on a file (note: there's no current way to tell the difference between files and folders) to download it.
You might see an error code (error 5 is "ACCESS_DENIED", you'll see it a lot). Or you might see a status 500 message because of an exception in the server. It's getting a lot more resilient but there are surely still some bugs. ".
If you see a folder, just type the full path to it instead of clicking on it and you will be able to read the contents.
ANOTHER EDIT:
I just found a file inside of the \Windows\System32 directory named [guid].devicemetadata-ms (It's easier to just search for "devicemetadata-ms"). It's a cab file with some metadata about WP8 with a sign.cat and packagesign.cat file in the archive. I don't know what these files could potentially be useful for.
New version in a day or two (busy tonight). Features I plan to implement (not necessarily in the next version or at any particular time):
File upload (IsoStore and, of all crazy things, install directory are writable. I think I'll put a flag on each FS page that says whether the current dir is writable...).
File deletion (where possible, of course).
File and Directory distinction in the listing (clicking a dir should open it, not error out).
Filesystem index page with links to folders that can be accessed successfully (since the root isn't readable).
Some more file info (size, probably attributes, possibly permissions).
Possibly an option to preview a file (as plain text) without downloading it.
Some kind of background mode (the server uses minimal resources when not actively servicing a request, so I'll see if I can get it to work in the background, perhaps by abusing the music transfer agent...)
Some kind of offline mode (at least basic file browsing within the app, as an alternative to using the web interface, though I might just make a second app for that).
Source code changes: separate the server code from the webapp / phone app code (move it into its own project).
Source code changes: move to a hosted version control service, probably CodePlex (good suggestion sensboston).
Maybe add an icon and such...
Any other suggestions?
I also want to try experimenting with various non-standard capabilities and see if I can get access to more of the system . I've already added the ability to access removable storage, but I've also found a bunch of really weird and frequently undocumented capabilities in the OS's policy configuration files, and I need to look into those... The interesting (and possibly the uninteresting) ones are probably blocked for unsigned sideloaded apps, but it's worth checking on anyhow.
Yeah sorry, I should have been more explicit about clicking on dirs. not working in 0.2.0. Also, it's "unofficial" but if you check the URL bar you'll see a URL parameter called something like "pattern" (by default, it's *) and if you change that, you can filter the results. For example, "foo*.exe" (note: no quotes!) will search for EXE files whose names start with "foo". Among other uses, this makes it a lot faster to load large dirs like System32. This will be added to the UI at some point. Also note that URL decoding is applied correctly to querystring parameters (Probably already noticed with the path sometimes written using %5C for \) so you can add special characters that way if needed, though currently any of them but \ will probably just cause an exception.
...
Actually, does this filesystem support Alternate Data Streams? If so, you should be able to download them by appending a : and the ADS name to the filename in the download URL...
OK, so that was a new version in five days. Sorry, stuff takes time.
The source code is now on Codeplex. The native access portion is at https://wp8nativeaccess.codeplex.com/, and the web server portion is at https://wp8webserver.codeplex.com/. Both are licensed MS-PL and use Git for version control. The full XAP is also available for download from the Webserver project on Codeplex.
GoodDayToDie said:
OK, so that was a new version in five days. Sorry, stuff takes time.
The source code is now on Codeplex. The native access portion is at https://wp8nativeaccess.codeplex.com/, and the web server portion is at https://wp8webserver.codeplex.com/. Both are licensed MS-PL and use Git for version control. The full XAP is also available for download from the Webserver project on Codeplex.
Click to expand...
Click to collapse
You are a god. I'll be sure to post my findings .
Hmm. When I first load up WebServer File Access then access from my laptop, I get the main page then the program crashes on my phone. It seems to hold a lock on to the socket as i can no longer access port 9999 from any other device when re-opening the app. I can access it again when I reboot, but the same thing happens.
EDIT: I think it may be due to the WiFi at work... it's junky. I'll try again when I get home. I was just able to browse some directories.
Wow, that's completely unexpected... I can beef up the error chacking and handling around the listener port though. That part of the code is really straightforward, so I actually haven't hardened it very much. I can also put in a Finally block to close the socket and/or mark the socket as re-usable so that other apps (or the same one again) can listen on it in the future.
I also plan to add support for setting your own port, but that doesn't solve the underlying problem. I'll put in more error reporting as well, to enable better debugging. Thanks for the report! Always good to have users report problems so I know where to prioritize fixes.
GoodDayToDie said:
Wow, that's completely unexpected... I can beef up the error chacking and handling around the listener port though. That part of the code is really straightforward, so I actually haven't hardened it very much. I can also put in a Finally block to close the socket and/or mark the socket as re-usable so that other apps (or the same one again) can listen on it in the future.
I also plan to add support for setting your own port, but that doesn't solve the underlying problem. I'll put in more error reporting as well, to enable better debugging. Thanks for the report! Always good to have users report problems so I know where to prioritize fixes.
Click to expand...
Click to collapse
I tried the app at home and it DOES crash on the first hit of the home page, but I'm able to open it up again and it works fine.
The new version 0.3.3 should be more rebust; try it and let me know if you still have issues. If you do, let me know what the exception message is (and any other info you can provide) and I'll try to track it down.
Downloading really big files should also work now. The app will read and push files in smaller chunks (the code to do this existed in the NativeAccess library before, but wasn't used).
a simple SDK?
Dear Sir
Will it be possible for you to make some sort of SDK from this so other developers can integrate this into their apps and enable browsing isolatedstorage?
Sorry if it is a stupid question.
Bruce_X_Lee said:
Dear Sir
Will it be possible for you to make some sort of SDK from this so other developers can integrate this into their apps and enable browsing isolatedstorage?
Sorry if it is a stupid question.
Click to expand...
Click to collapse
With the restrictions in permissions, this app only allows browsing of the app's isolatedstorage locally. You are able to use the IsolatedStorage API within your app to browse files and directories already.
snickler said:
With the restrictions in permissions, this app only allows browsing of the app's isolatedstorage locally. You are able to use the IsolatedStorage API within your app to browse files and directories already.
Click to expand...
Click to collapse
That's right. What I want is to allow the end user to be able to browse the isolatedstorage. Imagine I have a video download app, I want the user to be able to transfer those downloaded videos from the app's isolated storage to, say, a PC.
One can do this by integrating the webserver code into the said app.
Bruce_X_Lee said:
That's right. What I want is to allow the end user to be able to browse the isolatedstorage. Imagine I have a video download app, I want the user to be able to transfer those downloaded videos from the app's isolated storage to, say, a PC.
One can do this by integrating the webserver code into the said app.
Click to expand...
Click to collapse
Ahh I see what you mean now. That sounds like a pretty nice idea. I think more research needs to be done to see whether it would even be allowed in the marketplace.
The webserver portion is stand-alone (builds to its own .NET DLL with no dependencies on the other parts) and has a pretty clean interface. You'd need to implement the web application portion of it yourself - the thing that generates the response pages for a given request - but the HttpResponse class in the server does a lot of the work of that for you; you basically just specify the content you want to send (as a String or byte array) and it sends it.
I'm planning to create an exam app for android but I have a couple of concerns before jumping to the development.
For the first part, the questions are dynamic which means the questions and the number of questions are not fixed. What I'm planning to create for this is a web server where I can fetch the JSON data for the questions and answers(is this correct?) which are dynamically added by the admin of the web server.
For the second part, I want the fetched data(questions) to be shown one per view(one per device screen) then just put a button to confirm the users answer, the concerns I'm having is, is this approach going to take a lot of memory? Specially if the data that is fetched are more than a hundred of questions.
I still have a lot on my mind but for the meantime I want this two questions answered first, Thank you and have a good day!
clonedaccnt said:
I'm planning to create an exam app for android but I have a couple of concerns before jumping to the development.
For the first part, the questions are dynamic which means the questions and the number of questions are not fixed. What I'm planning to create for this is a web server where I can fetch the JSON data for the questions and answers(is this correct?) which are dynamically added by the admin of the web server.
For the second part, I want the fetched data(questions) to be shown one per view(one per device screen) then just put a button to confirm the users answer, the concerns I'm having is, is this approach going to take a lot of memory? Specially if the data that is fetched are more than a hundred of questions.
I still have a lot on my mind but for the meantime I want this two questions answered first, Thank you and have a good day!
Click to expand...
Click to collapse
There shouldn't be any memory issues, though to conserve data usage and battery, personally I would download all questions at once and store them locally in an SQLite database, then whenever a new question is needed you don't have to send off a request to the web server. ALso this means the app could be used offline, especially if you do a similar thing with the answers and store them locally then check if the students answer matches up to the stored answer.
Sqlite is a fine thing, i agree with jonny
And as your questions are just a lot of strings they wont take a lot of memory, some few jpegs etc would take lot more
---------------------------------
Phone : Nexus 4
OS :
- KitKat 4.4.4 stock
- Xposed: 58(app_process); 54(bridge)
- SU: SuperSU
- no custom recovery
---------------------------------
4d 61 73 72 65 70 75 73 20 66 74 77
Gesendet von Tapatalk