Display the different ways in which you've seen php using mysql, and we'll see if any one of them is any more secure than another. Most Security issues can be left to MySQL and the MySQL API. A few pointers - Store parameters(username/password) outside the DocuementRoot. Put your server on local host - or create an ssh/ssl tunnel between the PHP machine, and the DB. Cast any numbers, and escape any strings. ( mysql_escape_string ) Configure mysql securely - this is outside the scope of an email. On 4/14/06, benifactor <snorris17@xxxxxxx> wrote: > > i was wondering what is the most secure way to use mysql in php. is there > a certain way it should be done or a way that is more secure than another? > > iv'e seen it done many ways and was wondering if it was just preference or > a if there was a reason behind it. > > if you guys could post some examples of how you do it and why maybe you > could help me understand or know of an article or tutorial on the subjecti > would appreciate it. >
