I must be missing something here. Why do you need access to the
DATABASE from the web? All you need to do is make "requests" to the WEB
SERVER where a cgi program will do the talking to the database. The
database itself is never exposed to the outside world. You need NO
database drivers in the program that is installed on the user machines.
As far as they are concerned, they are accessing a text file. How that
text get retrieved doesn't matter to the program.
What am I missing here?
Len Morgan
viktoras didziulis wrote:
Hi Nicolas,
Leaving an open port for remote access to any database would it be
MySQL or Postgress is considered a serious web server security breach
and most providers are aware about this. Besides your data would never
be secure on such an open system - anyone that is able to sniff your
password can drop all your tables, and do even more harm... You should
use a server side "relay" script which would ensure secure
communication between the database and you application by filtering
all the input and stopping any potentially dangerous strings. This
also allows database-enabled application to be distributed without
MySQL drivers, so you won't owe anything to MySQL AB.
A while ago a simple relay script written in Perl was posted to this
list - see archives (October 3, 2007) look for the thread 'serverside
"relay" script'. It can also be implemented in PHP or any other
server-side scripting language.
Best wishes
Viktoras
Nicolas Cueto wrote:
However, how are the
text files maintained now? Since you can use get URL <textfile> the
same as reading a file on the (file) server, it seems to me that it
could be as simple as adding the characters "URL" to your get/put
instructions.
Thanks for the reply.
I had thought about using get/put URL if I continued to rely on txt
files.
I'll give it a try.
But the reason I was thinking databases instead was the possibility
of several users getting/putting information simultaneously thru the
server.
So, with this in mind, back onto the topic of databases...
After looking around the RunRev archives, one unexpected thing
came up. It seems that because licensing is an issue, some members
have suggested PostgreSQL over MySQL, given the former's clearly
stated (and free!) licensing policy.
Another thing I learnt from the archives (and from experience with
my current web host) is that connecting remotely to a database
is not popular among web hosts. They seem to prefer online management.
One web host that does allow remote access, and which is repeatedly
recommended by Rev users is Dreamhost. But, their set up is only
MySQL.
So, my next question is, would anyone care to recommend a webhost
that allows remote connections (via Rev, of course!) to a PostgreSQL
database?
Cheers,
Nicolas Cueto
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
_______________________________________________
use-revolution mailing list
[email protected]
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-revolution
