 |
 |
Find a programming school near you
php-db | 2001011
Date: 01/06/01
- Next message: Rasmus Lerdorf: "Re: [PHP-DB] Database security with PHP"
- Previous message: NEWS!!: "[PHP-DB] Gone are the days...."
- Next in thread: Rasmus Lerdorf: "Re: [PHP-DB] Database security with PHP"
- Reply: Rasmus Lerdorf: "Re: [PHP-DB] Database security with PHP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi!
I'm using PHP on a web-server which I administrate to access & change information in a database which is also stored on the server. This clearly means that the username and password for editing the database need to be accessible by PHP => need to be stored in a file which PHP can read. We also allow users on our network to create their own personal web-pages on this server, which is where my problem arises. Any user can, therefore, write a PHP script which prints out the contents of the file which contains my database username and password (since PHP must be able to read this file) and thus gain unauthorised access to the database. Is there any way of avoiding this? I need to provied all of these services on one machine (i.e. obtaining a separate machine for user web-pages is not feasible). Ideas anyone? (I expect this is a common problem so hopefully someone can help!!!)
Cheers,
Carl
---------------------------------------------------
Get free personalized email at http://www.iname.com
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: php-db-unsubscribe <email protected> For additional commands, e-mail: php-db-help <email protected> To contact the list administrators, e-mail: php-list-admin <email protected>
- Next message: Rasmus Lerdorf: "Re: [PHP-DB] Database security with PHP"
- Previous message: NEWS!!: "[PHP-DB] Gone are the days...."
- Next in thread: Rasmus Lerdorf: "Re: [PHP-DB] Database security with PHP"
- Reply: Rasmus Lerdorf: "Re: [PHP-DB] Database security with PHP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
