Also, you can limit access to a specific table in a specific database for a specific user, if it makes sense in your application. -- Josh -----Original Message----- From: Peter Beckman [mailto:beckman@purplecow.com] Sent: Wednesday, November 06, 2002 6:41 PM To: William Trappeniers Cc: php-db@lists.php.net Subject: Re: MySQL password protection? Create a user "nobody" with no password and give that user select, update, delete and insert capabilities in your DB and can only connect from localhost (or a certain host). This way they have to be on localhost in order to gain access to your tables, and only then be able to do what your nobody user can do. Then you need to make sure nobody can gain access to localhost without express permission (i.e. plug all security holes). Why are you showing people your source-code that has your password in it? Peter On Wed, 6 Nov 2002, William Trappeniers wrote: > Hi all > > I was wondering if it is possible to protect my password to the MySQL-server > from being in a PHP-script. Now I can't do that, so everybody who gets to > see my php-sourcecode also can see my (not protected/not encrypted) > password. > How can I change this? > > Thanks, > > William > > --- > William Trappeniers > mail at: wiltrap@wol.be > > > > -- > PHP Database Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > ------------------------------------------------------------------------ --- Peter Beckman Systems Engineer, Fairfax Cable Access Corporation beckman@purplecow.com http://www.purplecow.com/ ------------------------------------------------------------------------ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
