> We decided that the
> safest method was to create real users in the PostgreSQL system user
> table, and then let Postgres worry about authenticating users. Then,
> even if your PHP code is flawed, the SQL commands still execute with
> only the user's permissions.

I thought that way too, but now I think it is better to create users and do the encrypting in the application layer and store logins and passwords in regular tables. The reason is that if, by any means, someone enters the database as user postgres or any other with total privileges, then you can see in the pg_shadow table the passwords in clear. This is a bigger risk than having your passwords encrypted in PHP and storing them as encrypted TEXT in any table.

Besides, if you move from one PostgreSQL server to another you have to worry a lot about how PostgreSQL is configured (permissions and such). If you put it all in the application and regular tables you can go to any typical PostgreSQL installation and install the database and application quickly and safely.

At least that's what I think.

Adrian Tineo