 |
 |
 |
 |
|
|
Date: 09/29/00
- Next message: Sonia Tsui: "Re: [PHP] exec 'lynx' failed ???"
- Previous message: Van: "Re: [PHP] exec 'lynx' failed ???"
- In reply to: r a n d y: "[PHP] MySQL & PHP Security"
- Next in thread: Sebastian Stadtlich: "AW: [PHP] MySQL & PHP Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
At 3:08 PM -0700 09-29-2000, r a n d y wrote:
>My domain host suggests _NOT_ connecting to MySQL using PHP as it sends the
>username and pass as "plain" text to the MySQL server, as opposed to sending
>encrypted. Is this really an issue for the average Joe (or Randy in my case)
>who just wants to make a dynamic web site and won't be storing any _real_
>important info?
You can tell your host that they are misinformed. The password is not
sent in plain text to the MySQL server when you connect.
>
>They also said something about PHP not being 700...which I assume means that
>all executable and no r or w...this is how they handle cgi. Is there really
>a need to go all out like this for personal websites with pretty much
>useless information?
>
>randy
>______________________________________________
>http://www.randys.org
>
>For-pay Internet distributed processing.
>http://www.ProcessTree.com/?sponsor=11087
-- Paul DuBois, paul <email protected>-- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: php-general-unsubscribe <email protected> For additional commands, e-mail: php-general-help <email protected> To contact the list administrators, e-mail: php-list-admin <email protected>
- Next message: Sonia Tsui: "Re: [PHP] exec 'lynx' failed ???"
- Previous message: Van: "Re: [PHP] exec 'lynx' failed ???"
- In reply to: r a n d y: "[PHP] MySQL & PHP Security"
- Next in thread: Sebastian Stadtlich: "AW: [PHP] MySQL & PHP Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]