Hi!

(MySql, sql, queries for filter)

I may be misunderstanding some things.  Here is what I am thinking and
doing.

I believe that people can find out my id and password because I use scripts
to permit people to enter information or delete information.  I have a
little housing registry and also a learning/testing site, for example.  So I
have (in these cases) php scripts allowing people to log in and then
allowing them to access the applications.  The scripts always have to be the
"localhost" connection to the database, so they have to log in and all users
have access to my scripts.  So (as I see it) everyone could potentially see
the id and password.    On the other hand that doesn't seem to be a huge
worry because unless they can connect as localhost using their
own scripts or application, then they have to use my scripts and they can't
do anything especially evil (not that they want to . . .).

I would definitely agree that if you want airtight security you have to do
your own hosting. . .  However, at the moment I'm busy with other things so
that just isn't a possibility.  I'd love to have full access to the user
privileges, etc. but that will be maybe a year from now. . .

Also, I seem to be doing what JamesD suggested in an earlier post.  His
example uses Perl but I do the same thing using php.  This approach so far
has been working well.

Thanks for all your input!  This feedback is very, very helpful.

-warren





---------------------------------------------------------------------
Before posting, please check:
   http://www.mysql.com/manual.php   (the manual)
   http://lists.mysql.com/           (the list archive)

To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php

Reply via email to