Disclosure of Invention
The invention aims to provide a secure data transmission method based on the TCP/IP protocol. A server based on the TCP/IP protocol is established so that a client can acquire database data in real time, which ensures safe and efficient communication between the user and the database, improves network transmission efficiency and reduces operating cost.
In order to achieve the above purpose, the invention provides the following technical scheme:
A secure data transmission method based on the TCP/IP protocol includes the following steps:
S1: establishing TCP/IP protocol communication between a server and a client;
S2: using a JSON server to send data to a server;
S3: the client acquires database data in real time; the sent data is split into a packet header and a data body by a regular expression, the individual items of data in the packet header are separated by a regular expression, and it is judged whether to execute the database operation.
In step S1, the data is encapsulated in JSON format during transmission; obtaining data from the database in step S2 can be done in two ways: one is to send SQL statements directly, and the other is to negotiate and send command codes.
The TCP/IP protocol between the server and the client in step S1 includes:
Each time the client logs in, the database generates a UID with a length of 32 bits in the user table and returns it to the client, and the client stores the UID for later data acquisition.
Step S2, in which the JSON server sends data to the server to obtain database data, includes the following steps:
S4: establishing a Map table in the class, wherein the primary key in the Map table is the client link sock value; the Map table records the data sent over each link and is used to judge whether the data is complete;
S5: after a complete piece of data has been sent, splitting it into a packet header and a data body by a regular expression, and then separating the individual items of data in the packet header by a regular expression;
S6: in step S5, every two items of header data form a group, giving eight groups in total; the first group of header data is the transmission type and the secure UID, the second group is the transmitted data structure, the third group is the data length, the fourth group is the link mode, the fifth group is the data compression mode, the sixth group is the transmission code, the seventh group is the user agent, and the eighth group is the IP and port;
S7: judging whether the length in the third group of header data matches the length of the data body; if so, executing the database operation; if not, checking whether data has been lost; if so, returning failure; if not, continuing to judge whether the UID in the first group of header data is consistent with the UID in the database; if so, executing the database operation; if not, returning failure and returning null data.
Directly sending SQL statements to acquire data comprises the following steps:
S8: receiving a link from a client;
S9: parsing the data to judge whether the data length in the packet header matches the data body; if it does not match, returning failure; if it matches, executing S10;
S10: if the first group of data is 'exec SQL with out result', the data body represents an SQL statement;
S11: judging whether the UID code is consistent with the UID code in the database; if so, continuing to S12; if not, returning null data;
S12: issuing the data to the database for the database to execute;
S13: receiving the data returned by the database, packaging it as JSON format data and returning it to the client.
Acquiring data by negotiating and sending a command code comprises the following steps:
S14: receiving a link from a client;
S15: parsing the data to judge whether the data length in the packet header matches the data body; if it does not match, returning failure; if it matches, executing S16;
S16: if the first group of data is 'exec sql with out result', the data body represents the command code;
S17: judging whether the UID code is consistent with the UID code in the database; if so, continuing to S18; if not, returning null data;
S18: issuing the command code to the database;
S19: after receiving the command code, the database parses the data, then determines and executes the related command according to the command code to obtain the desired data;
S20: receiving the data returned by the database, packaging it as JSON format data and returning it to the client.
The advantages of the invention are as follows. A newly established server based on the TCP/IP protocol lets the client acquire database data in real time, using the TCP/IP protocol as the basic communication framework of the Internet. The JSON server is used to send data to the server to obtain database data; JSON is a lightweight data exchange format based on a subset of ECMAScript that stores and represents data in a text format completely independent of any programming language, so it is easy for people to read and write and easy for machines to parse and generate, which effectively improves network transmission efficiency. After linking to the JSON server, the client sends data directly to obtain database data without login verification, which improves operating efficiency, omits some complicated processes and reduces operating cost. Meanwhile, to prevent other invalid clients or attackers from acquiring database data, a secure UID is added when data is transmitted to authenticate that the link is a valid client link, so that communication between the user and the database is safe and efficient.
Detailed Description
The technical solutions in the embodiments of the present invention are described clearly and completely below. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments that a person skilled in the art can derive from the embodiments given herein without creative effort fall within the protection scope of the present invention.
In the following embodiments, unless otherwise specified, the technical means used are conventional means well known to those skilled in the art.
A secure data transmission method based on TCP/IP protocol includes the following steps:
S1: establishing TCP/IP protocol communication between a server and a client;
S2: using a JSON server to send data to a server;
S3: the client acquires database data in real time; the sent data is split into a packet header and a data body by a regular expression, the individual items of data in the packet header are separated by a regular expression, and it is judged whether to execute the database operation.
In step S1, the data is encapsulated in JSON format during transmission; obtaining data from the database in step S2 can be done in two ways: one is to send SQL statements directly, and the other is to negotiate and send command codes.
The invention builds a server based on the TCP/IP protocol. The server is linked with the client through a network; the network is not limited to a wide area network, metropolitan area network or local area network, and the client is not limited to a mobile phone, tablet computer or PC client. The method can be executed jointly by a client and a TCP/IP protocol server, and the TCP/IP protocol is built using the server's library functions; for example, Active represents the communication establishment state, SendtoIP is the IP address of the client, recidata is the received data buffer, senddata is the sent data buffer, Send_number is the number of data sent, Recvnumber is the number of data received, and Send is a flag bit. The TCP/IP protocol serves as the basic communication framework of the Internet and is used for the client to acquire database data in real time.
The invention obtains database data by using the JSON server to send data to the server. JSON is a lightweight data exchange format based on a subset of ECMAScript (the js specification established by the European computer Association); it stores and represents data in a text format completely independent of any programming language, is easy for people to read and write and easy for machines to parse and generate, and effectively improves network transmission efficiency.
As shown in Fig. 1, the TCP/IP protocol between the server and the client in step S1 includes:
Each time the client logs in, the database generates a UID with a length of 32 bits in the user table and returns it to the client, and the client stores the UID for later data acquisition.
When the client acquires database data in real time, in order to prevent other invalid clients or attackers from acquiring the database data, the invention adds a secure UID when data is transmitted to authenticate that the link is a valid client link, thereby ensuring safe and efficient communication between the user and the database.
As shown in Fig. 2, step S2, in which the JSON server sends data to the server to obtain database data, includes the following steps:
S4: establishing a Map table in the class, wherein the primary key in the Map table is the client link sock value; the Map table records the data sent over each link and is used to judge whether the data is complete;
S5: after a complete piece of data has been sent, splitting it into a packet header and a data body by a regular expression, and then separating the individual items of data in the packet header by a regular expression;
S6: in step S5, every two items of header data form a group, giving eight groups in total; the first group of header data is the transmission type and the secure UID, the second group is the transmitted data structure, the third group is the data length, the fourth group is the link mode, the fifth group is the data compression mode, the sixth group is the transmission code, the seventh group is the user agent, and the eighth group is the IP and port;
S7: judging whether the length in the third group of header data matches the length of the data body; if so, executing the database operation; if not, checking whether data has been lost; if so, returning failure; if not, continuing to judge whether the UID in the first group of header data is consistent with the UID in the database; if so, executing the database operation; if not, returning failure and returning null data.
In the invention, the client links to the JSON server and then sends data directly to obtain database data. The length of the data sent by the client is not fixed and the data may be sent in several packets, so a Map table is established in the class with the client link sock value as its primary key. The Map table records the data sent over each link and is used to judge whether the data is complete; whether to perform the database operation is judged only once the complete data has been received.
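An added example, not part of the patent text, of steps S4 to S7 on the server side: a per-link buffer, regular-expression header parsing, and the length and UID checks. The header layout (eight "name: value" lines, a blank line, then the body), the field names, MAX_BUF and the sample frame are assumptions, since the page specifies no wire format.

```python
import hmac
import re

# Assumed wire format (the page gives none): eight "name: value" header
# lines, one blank line, then the data body. Group 1 is "<type>: <UID>".
FRAME_RE = re.compile(rb"\A(?P<header>(?:[^\r\n]+\r\n){8})\r\n(?P<body>.*)\Z", re.S)
GROUP_RE = re.compile(rb"([^:\r\n]+): ?([^\r\n]*)\r\n")
MAX_BUF = 1 << 20  # hypothetical cap so one link cannot grow its buffer forever
pending = {}       # S4: Map keyed by the client link (socket) value


def _fail(sock_id):
    pending.pop(sock_id, None)
    return "fail", None


def feed(sock_id, chunk, uid_in_db):
    """Add one received packet; return ('incomplete'|'fail'|'ok', payload)."""
    buf = pending.get(sock_id, b"") + chunk
    if len(buf) > MAX_BUF:
        return _fail(sock_id)
    pending[sock_id] = buf
    m = FRAME_RE.match(buf)
    if m is None:                            # header not fully received yet
        return "incomplete", None
    groups = GROUP_RE.findall(m["header"])   # S5/S6: eight name/value pairs
    length = groups[2][1] if len(groups) == 8 else b""
    if not length.isdigit() or len(length) > 7:
        return _fail(sock_id)
    (ttype, uid), want, body = groups[0], int(length), m["body"]
    if len(body) < want:                     # S4: more packets still to come
        return "incomplete", None
    if len(body) != want:                    # S7: header length and body disagree
        return _fail(sock_id)
    # S7: UID must equal the one issued at login; compare in constant time.
    if not hmac.compare_digest(uid, uid_in_db):
        return _fail(sock_id)
    pending.pop(sock_id, None)
    return "ok", (ttype.decode("ascii", "replace"), body)


# Constructed sample frame and UID (not from the page).
SAMPLE_UID = b"0123456789abcdef0123456789abcdef"
SAMPLE = (b"exec SQL with out result: " + SAMPLE_UID + b"\r\nStructure: json\r\n"
          b"Length: 8\r\nLink: keep\r\nCompress: none\r\nEncoding: utf-8\r\n"
          b"Agent: demo\r\nPeer: 10.0.0.5:4000\r\n\r\nSELECT 1")

if __name__ == "__main__":
    print(feed(1, SAMPLE[:40], SAMPLE_UID))  # first packet: incomplete
    print(feed(1, SAMPLE[40:], SAMPLE_UID))  # second packet completes the frame
```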
As shown in Fig. 3, directly sending SQL statements to obtain data includes the following steps:
S8: receiving a link from a client;
S9: parsing the data to judge whether the data length in the packet header matches the data body; if it does not match, returning failure; if it matches, executing S10;
S10: if the first group of data is 'exec SQL with out result', the data body represents an SQL statement;
S11: judging whether the UID code is consistent with the UID code in the database; if so, continuing to S12; if not, returning null data;
S12: issuing the data to the database for the database to execute;
S13: receiving the data returned by the database, packaging it as JSON format data and returning it to the client.
As shown in Fig. 3, acquiring data by negotiating and sending a command code includes the following steps:
S14: receiving a link from a client;
S15: parsing the data to judge whether the data length in the packet header matches the data body; if it does not match, returning failure; if it matches, executing S16;
S16: if the first group of data is 'exec sql with out result', the data body represents the command code;
S17: judging whether the UID code is consistent with the UID code in the database; if so, continuing to S18; if not, returning null data;
S18: issuing the command code to the database;
S19: after receiving the command code, the database parses the data, then determines and executes the related command according to the command code to obtain the desired data;
S20: receiving the data returned by the database, packaging it as JSON format data and returning it to the client.
The invention provides two data acquisition modes: one sends SQL statements directly to acquire the data, and the other negotiates and sends command codes to acquire the data, so that a reliable link from the visiting client is ensured.
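An added example, not part of the patent text, of the command-code mode (S18 to S20): each negotiated code resolves to one fixed, parameterised statement and the rows are returned as JSON. It assumes steps S14 to S17 have already accepted the frame; the command codes, the JSON body shape, the sensors table and the function names are all hypothetical.

```python
import json
import sqlite3

# Hypothetical negotiated command codes. Each maps to one fixed, parameterised
# statement and its argument count, so the data body never carries SQL text.
COMMANDS = {
    "1001": ("SELECT name, reading FROM sensors WHERE site = ?", 1),
    "1002": ("SELECT COUNT(*) AS n FROM sensors", 0),
}
NULL_DATA = json.dumps({"ok": False, "data": None})  # the "null data" reply


def run_command(db, body):
    """S18-S20: resolve the command code, run it, return the rows as JSON."""
    try:
        req = json.loads(body)           # assumed body: {"code": .., "args": [..]}
        code, args = str(req["code"]), list(req.get("args", []))
    except (ValueError, KeyError, TypeError, AttributeError):
        return NULL_DATA
    entry = COMMANDS.get(code)
    if entry is None or len(args) != entry[1]:
        return NULL_DATA                 # unknown code or wrong argument count
    if not all(isinstance(a, (str, int, float)) for a in args):
        return NULL_DATA
    try:
        cur = db.execute(entry[0], args)  # values are bound, never spliced in
        cols = [c[0] for c in cur.description]
        rows = [dict(zip(cols, r)) for r in cur.fetchall()]
    except (sqlite3.Error, ValueError, OverflowError):
        return NULL_DATA
    return json.dumps({"ok": True, "data": rows})


def demo_db():
    """Constructed in-memory table standing in for the real database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE sensors (name TEXT, site TEXT, reading REAL)")
    db.executemany("INSERT INTO sensors VALUES (?, ?, ?)",
                   [("t1", "north", 21.5), ("t2", "south", 19.0)])
    return db


if __name__ == "__main__":
    print(run_command(demo_db(), b'{"code": "1001", "args": ["north"]}'))
    print(run_command(demo_db(), b'{"code": "drop"}'))
```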
The invention is used for acquiring database data during transmission over a network based on the TCP/IP protocol, ensuring a reliable client link and preventing other applications from acquiring data at will; meanwhile, it can share the communication pressure of the main server and improve the efficiency of communication between the client and the database.
The above description only illustrates the preferred embodiments of the present invention and is not to be construed as limiting the invention; all modifications, equivalents and improvements falling within the spirit and scope of the invention are intended to be covered.