DataIncrement 2 - resolving contradictions, TRIZ in actual development

    Last time, from the comments it turned out to highlight two specific problems of the project for which many thanks to not indifferent users. The first problem is the lack of an SSL certificate on the site. And the second, the disclosure of passwords to anyone, is an extremely dubious idea.

    The solution to the first problem is purely technical - installing a free certificate does not cause much difficulty.

    But the solution to the second problem - to exclude the disclosure of connection parameters to its database - this is a question.

    Let me remind you, the essence of the project is an online client for the mysql database. The key issue - connecting to the database, immediately causes several difficulties:

    1. Disclosure of database connection parameters;
    2. Even in the case of the disclosure of parameters, it is not a fact that it will be possible to connect due to administrative restrictions, for example, only local access to the database is allowed.

    In this situation, technical contradiction (TP) in the system of triz is cut out on the face. The disclosure of parameters is necessary to connect, but at the same time it is impossible to disclose parameters for security. In addition, the disclosure of parameters does not solve the second difficulty - the presence of administrative restrictions.

    At Trise, one of my favorite methods is the method of an ideal end result (IFR). This is the strongest method that makes it possible for people not to be afraid to think it would seem absurd, but it is this one that sometimes allows you to achieve the desired results, where it would not seem possible at all.

    So on a tripe, I can mentally turn the task upside down. And start solving the problem from the other end.

    • It was. The site wants to connect to your closed internal database, and wants to do this without disclosing access passwords (Perfect end result).
    • And if the opposite. The database itself wants to connect to a third-party site, but cannot do this due to administrative restrictions.

    On the one hand, the song turned out (you are on land, I am at sea ... we can’t meet at all). On the other hand, there are two forces that want to meet, but cannot do it.

    It would seem that some land, which sea? And here the database and server. But wait. We all know that it often happens that a boy is liked by a girl and vice versa the same girl is liked by this boy. They are afraid to take a step towards each other. I can not do it myself. It's impossible. But then suddenly, a common girlfriend appears suddenly in both unfortunates. Girlfriend introduces and brings the two shy together. And then everything by itself somehow turns out.

    It is important to note here that one cannot do without the appearance of a third force. Just like a triza - you need to enter a third force into the system (a system of two forces is considered not complete) and complete the triangle. The clerk made a third force and brought the boy with the girl.

    Another policy example. There is Germany, which wants to buy cheaper fuel. There is Iran, which wants to sell fuel to Germany. But Germany has a tough administrative restriction on fuel supplies from Iran. Finish the system of two forces to a full triangle. We introduce the third force - this is Russia. Which can interact with both Germany and Iran. As a result, Germany perfectly interacts with Iran, through transport through Russia.

    So a third force is needed. We carry the third force into an incomplete system from the database and the client. As a transport, we will use a certain driver, which will perform the role of a pass (the word here is of course rude, but quite appropriate, if not to dwell on rudeness).

    We list the requirements for our driver-transport. Actually there are only two requirements:

    1. Must interact without restrictions with both the client and the database, acting as a transport
    2. Must be able to connect to the database

    Let's look at the first requirement. Two forces need the same thing. Namely: you need to send requests and in return receive a data set for display. The Internet is used as a data transmission channel.

    Let's look at the second requirement. Connecting to the database is possible only on the database side and nothing else. So the driver must be located on the side of the base or be able to connect to it with administrative restrictions. What usually is the default, TC. mysql is used for web applications.

    Taking into account the above requirements, it turns out that it is enough for me to write a simple script translator of queries to the database and return the results as an array of strings. And place it somewhere on the database side. I take php, because I can and write literally twenty lines.


    header('Content-Type: text/html; charset=utf-8');
    # Key
    $pass       =   'KEY_PASS_FROM_DATAINCREMENT';      //change for youself# Connect parametres to mysql database
    $host       =   'LOCALHOST';        //change for youself
    $user       =   'USERNAME';         //change for youself
    $password   =   'PASSWORD';         //change for youself
    $database   =   'DATABASE_NAME';    //change for youself# Accessif ( !isset($_POST['query']) )         die( 'no query' );
    if ( @$_POST['pass'] != md5($pass) )   die( 'no pass' );
    // if ( $_SERVER['REMOTE_ADDR'] != '' ) die( 'no ip' );# Connect
    $mysqli     =   new mysqli($host, $user, $password, $database);
    if ( $mysqli->connect_error )
        die( 'no connect: ' .$mysqli->connect_error );
    # Character
    $mysqli->set_charset( $mysqli->query("SHOW VARIABLES LIKE 'character_set_database'")->fetch_object()->Value );
    # Query & Returnif ( $result = $mysqli->query($_POST['query'], MYSQLI_USE_RESULT) )
        for ( $rows = array();  $r = $result->fetch_array(MYSQLI_ASSOC);  $rows[] = $r );
        $rows   =   json_encode($rows);
        $rows   =   gzdeflate($rows, 9);
        die( $rows );
    die( $mysqli->error );

    Here such simple turned out the driver. Now this script remains to be placed somewhere on your site in an arbitrary place. And register this driver on the client - specifying how to connect to its database.

    Thus, it turned out to connect to the database without disclosing the connection parameters in principle. As well as bypassing administrative restrictions. In addition, the driver turned out so simple and understandable that it can be easily modified at will and implemented independently in another language, if necessary. For example, you can add request history or restrict access only from certain ips to just a couple of additional lines.


    In this example, I tried to show the power of the triz in resolving seemingly paradoxical contradictions. I believe that common sense and the logical constructions on which the triz is based and the science of logic should, sooner or later, oust the dominance of home-grown clerics, evangelists and propagandists. For which no matter what the business is the mission, that no project is the belief in all good against all bad.

    Also popular now: