I have a single database, where each clients system uploads all it's data to a single table, but each user in the table has a unique ID for referencing their updates to the db. How can I keep the actual database username and password private? If I give everyone the login info to the database so that it is included in the POST, anyone case see the info, and if someone chose to write some code and mess with the db then it would be easy. Also, if the the php file that manages the database updates is what contains the login info, anyone can download the php file and get the info.
Is there a way to have the user log in with a separate username and password that is stored in the record for their ID, but now have them see the real db login info?
Multiple users and single database question
Moderator: General Moderators
- social_experiment
- DevNet Master
- Posts: 2793
- Joined: Sun Feb 15, 2009 11:08 am
- Location: .za
Re: Multiple users and single database question
If you are using a class you can use the values inside the class so that users don't have access to it.Tchapman wrote:Is there a way to have the user log in with a separate username and password that is stored in the record for their ID, but now have them see the real db login info?
Code: Select all
<?php
class sql_ {
// properties
$database = "db_name";
$username = "user_name";
$password = "pass_word";
$host = "localhost";
public function connectToDb() {
$connection = @mysql_connect($this->host, $this->username, $this->password);
// select database as well somewhere here
}
?>Code: Select all
<?php
@mysql_connect('localhost', 'my_user', 'my_pass');
@mysql_select_db('my_db');
?>Code: Select all
<?php @include_once('connection.php'); ?>“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering