>----- Original Message ----- >From: "Melanie Phair" <[EMAIL PROTECTED]> > >> I can add users ok but as they all have the same rights by >> default there doesnt seem much point apart from tracking etc. >> >> All the books that I have read make a big thing about >> restricting the rights of users but perhaps this isn't so >> important when the database is accessed through an >> interface and not directly. > >Well - for example you probably have data on your Web site that most >visitors should only be able to read, but not alter... so you might want >most pages connecting with a userid that has only read access. Then if >there was any error or hack that gave someone that username and password >they couldn't change or delete the data. Still in most cases it shouldn't >matter, because usually the user can only do what you have coded the page to >do, unless they have some exploit where they can inject SQL into a form >field or something; if it was really, really important to protect the >database and restrict access ( = a lot of $$$ at stake ) then the cost of >running a dedicated server would be a small price to pay. > >Bj > >
This is what we ( Payco UK / mTank) have with Positive Internet - one 'pod' all to ourselves; http://www.positive-internet.com/dolphin/index.html I can put paw on heart & say they give excellent service. We had some serious probs getting a World Cup SMS prediction application running across a shortcode on all 4 mobile networks here (I won't bore you, some of the horror story's at http://www.mediation.co.uk/view57.html) mainly due to the telcos which meant a lot of continually revising & testing of code while the damn thing was live, & a lot of swift stopping & starting of the application - and no second chance with the client if the app failed. Positive Internet were a shining light in amongst 4 weeks of non-stop aggro & hassle. We're about to run a similar application for the UK football premiership which starts tomorrow... I'm swallowing my vitamins here... Franni ____ � The WDVL Discussion List from WDVL.COM � ____ To Join wdvltalk, Send An Email To: mailto:[EMAIL PROTECTED] Send Your Posts To: [EMAIL PROTECTED] To change subscription settings to the wdvltalk digest version: http://wdvl.internet.com/WDVL/Forum/#sub ________________ http://www.wdvl.com _______________________ You are currently subscribed to wdvltalk as: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED]
