My hosting company gave me one database and one root user account, and I have no access for priviliges at all. So as far as I can tell, the only way for me to connect to the database on my site is to do a mysql_connect("host", "user", "pass"), where the user and pass are the ones for this one super account.
Is this a major security concern or what? Is there a way around this, or a way to minimize security problems? I've emailed them about this, and they act like they have no clue what I'm talking about: >I'm not trying to hide files or directories, I'm talking about when I use >PHP and make a connection to the database using mysql_connect("host", >"user", "pass"). This script is what is in my webpages that connects to the >DB and retrieves data to print for users. Is there an anonymous account to >use for retrieving data, or can I make one? > Then the program or script you are using should have means for your users to access permitted areas. And there is no anonymous account, there is only your own account Db Now. Hosting company provide your site with tool for you to use your own programs and it's up to you which programs and how you use them. Our job is to make sure the tool is working. Other than that, we do not provide support for scripts and the programs you are using. If you having problems to use some programs then you need to get in touch with developers and find what need to be done and how. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php