Re: access to DB and security

----- Original Message -----
From: "Alain Roger" <raf.news@xxxxxxxxx>
To: "PHP General List" <php-general@xxxxxxxxxxxxx>
Sent: Wednesday, November 08, 2006 9:22 PM
Subject: Re:  access to DB and security


Hi Satyam,

If I understood well, in this special hidden (from web) folder, you write an
include file, where you only return an opened connection... something like
$db (where $db = mysql_connect("$host", "$user",
"$user_pwd", false, CLIENT_MULTI_STATEMENTS); for example)
and only this $db open connection is returned to your PHP files (accessible on
web).

Did I understand well?

Al.


Basically yes, the only other trick missing in your example (being utterly paranoid) would be to avoid using variables to hold the db information since those variables, if they are global, will persist all through the web page in which this file is included. Use literals instead so no vital information ever leaves that include, except for the live connection.

$db = mysql_connect('host', 'user', 'user_pwd', false, CLIENT_MULTI_STATEMENTS);

Perhaps that is what you meant by indicating "$host", which otherwise is a pointless construct, since "$host" expands to $host evaluated as a string, which it probably is, anyway. I usually use single quotes instead of double quotes for fixed literals so I clearly tell the interpreter that it doesn't need to bother looking for variables or escape sequences to expand; unless, of course, I meant to have variables or escapes in them.

Satyam





On 11/8/06, Satyam <Satyam@xxxxxxxxxxxxx> wrote:

----- Original Message -----
From: "Alain Roger" <raf.news@xxxxxxxxx>


> Hi,
>
> My web hoster gave me a login and password with which I can connect to DB,
> perform some actions as DB owner / superuser just for my DB.
> If I use this login + password to connect and perform some actions from my
> web pages, everybody can hack my DB and do what they want.
>
> My web hoster will not give me some particular role/user with which user can
> only execute some stored procedure but can not administrate my DB.
>
> Therefore, how can I make my web pages users connect to DB (with my
> administrator login and password) and run some stored procedure without
> risking to see my DB hacked?
>
> Thanks a lot,
>
> Alain
>

That is quite a normal setup and unless you have your own server, that's
what you normally get on a shared host so we all live with that.

Your database access information should be in an include file which all web
pages should be able to access internally, but which is not accessible from
elsewhere. Usually, you would have a ~/www or ~/htdocs directory which is
the public root of the web site and will be seen from elsewhere. The
include file with the database access data should be in some ~/somethingelse
which is not accessible to the public. Furthermore, if this file has a .php
extension, its contents won't be visible (unless it does echo something),
even if it is within the public directory. Finally, in that include file I
usually return an opened global db connection and do not set variables with
this DB access information, just produce the opened connection. That's as
far as preserving the DB connection data.

As for preventing abuse of the opened connection, that would be through "SQL
injection" and under that subject you will find lots of literature just
googling around and plenty of messages on this very list.

Satyam







--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
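
An added example, not code from either poster: one way to write the include file described in the thread so that only the live connection leaves it. It uses PDO rather than the thread's mysql_connect, and the file path, host, database name, credentials and the get_profile stored procedure are all placeholders.

```php
<?php
// ~/private/db.php: hypothetical path outside the public ~/www root.
// Host, database name, user and password below are placeholders.
//
// Usage from a public page (get_profile is a hypothetical stored procedure):
//     $db   = require __DIR__ . '/../private/db.php';
//     $stmt = $db->prepare('CALL get_profile(?)');
//     $stmt->execute([(int) ($_GET['id'] ?? 0)]);
//
// The closure keeps every credential as a literal in local scope, so the
// including page never sees a global variable that holds them.
return (static function (): PDO {
    try {
        return new PDO(
            'mysql:host=db.example.invalid;dbname=example_db;charset=utf8mb4',
            'example_user',
            'example_password',
            [
                // Raise exceptions instead of failing silently.
                PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
                // Use server-side prepared statements so bound values are
                // sent separately from the SQL text.
                PDO::ATTR_EMULATE_PREPARES => false,
            ]
        );
    } catch (PDOException $e) {
        // Log the driver message for the operator, then rethrow a generic
        // error so a displayed stack trace cannot show the constructor
        // arguments (which include the password).
        error_log('DB connection failed: ' . $e->getMessage());
        throw new RuntimeException('Database unavailable');
    }
})();
```

Each `require` of this file opens a new connection, so a page should include it once and pass the returned object to the code that needs it.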

