Say, for instance, I regularly visit a website and I am a member (registered user - i.e. have a username and password) of the website and I access details that only I can see on a regular basis. (I am not talking about the forum it is a fitness training website).

At the moment the web interface of the site is very basic and doesn't work at all in some parts.

There will be some kind of database behind the website holding the data.

What exactly would I need to know in order to write an application (iPhone app) that could access the database (with authorisation)?

I'm guessing I would need some kind of URL for the database but surely the authorisation would come from the user? Would I be able to write the app by reverse engineering the html source from the site or would I need to contact someone in the company?

Thanks for any help.

(I want to do this legitimately but would like to have something to show someone before contacting them).

You would need the owner of the website to open up the database for access by third party IP adresses - something they are very unlikely to do and securing sites is hard enough without deliberately opening them to attack!

You wouldn't need a URL, just the IP adress of the database server and its port number. Then you should be able to access it with ODBC/JDBC etc. But the site owner will, generally, need to add the IP address of the client to the list of allowed addresses. As the iPhone doesn't have a fixed IP Address, this wouldn't be possible, which would mean that they would need to open the database up to any IP address, which is a bad thing!

The best solution would be for them to write a web API which you could access, which would authenticate your user account on the website and provide you with preset information that you can use. That would involve a lot of work on their side, unless they are using a packaged product, which provides an API already.