RE: [PHP-DB] MySql security

2002-11-19 Thread Joakim Andersson
 Hi,
 
 Since i dont know any mysql group, i will try here - it is 
 anyway related to
 php.
 When i want to make php/mysql application i have mysql on the 
 server and i
 connect to it with mysql_pconnect(localhost,root,) and it works.
 I assume that any user or hacker could connect to mysql 
 database like this.
 So, i want to create my database and i want to limit access 
 to this database
 for some usernames and passwords. I know MSSQL or Interbase 
 can do it - but
 how i do this in mysql.
 If this is offtopic can someone point me to any mysql newsgroup.

I would say this is very offtopic, but this query should do the trick:
GRANT select, update, insert ON your_db_name.* TO
your_username@localhost IDENTIFIED BY 'your_password'
Take a look in the MySQL manual for more details on GRANT.

To set a password for root you can use the mysqladmin command:
mysqladmin -u root password your_new_pwd
Note that the word password here really is the word password!
Or you could run this query on the mysql db.
SET PASSWORD FOR root@localhost=PASSWORD('your_new_pwd');

 Other question is: if i need to make application which uses 
 credit cards,
 how can i increase security for it. I have heard about https 
 protocol, but
 dont know much about it. Any link would be appreciated.

You have to look in your webserver's manual for this.

Regards
Joakim
-
This message contains information that may be privileged or confidential and
is the property of Cyber Com and may be exempt from disclosure under
applicable law. It is intended only for the person to whom it is addressed.
If you are not the intended recipient, you are not authorized to read,
print, retain, copy, disseminate, distribute, or use this message or any
part thereof. If you receive this message in error, please notify the sender
immediately and delete all copies of this message.
This agreement shall be governed by the law where the sender has its place
of business. 
Any attachment(s) to this e-mail has been checked for viruses, but please
rely on your own virus-checker and procedures.
-

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP-DB] MySql security

2002-11-19 Thread Radovan Radic
  how i do this in mysql.
  If this is offtopic can someone point me to any mysql newsgroup.

 I would say this is very offtopic, but this query should do the trick:
 GRANT select, update, insert ON your_db_name.* TO
 your_username@localhost IDENTIFIED BY 'your_password'
 Take a look in the MySQL manual for more details on GRANT.


Thank you for the answers, i will explore little bit more about this.

Radovan



-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php