First off, I'm new to this. By reading various tutorials I pieced together this little method of logging in to a mySQL database through PHP. It works, but is this an accepted method for authenticating users, and is it secure?
$hostname = "fortress";
$username = $_POST['username'];
$password = $_POST['password'];
$dbh = mysql_connect($hostname, $username, $password)
or die("Unable to connect to MySQL");
I doubt I'm the first to try/use this method. I see the main benifit being that mySQL authenticates the user and also allows me to keep certain users out of certain tables. Any pointers, comments, feedback would be appreciated. Thanks!
-wahh346
PHP Login to mySQL --This works, but is it secure?--
Moderator: General Moderators
- mydimension
- Moderator
- Posts: 531
- Joined: Tue Apr 23, 2002 6:00 pm
- Location: Lowell, MA USA
- Contact:
I would put your username, password and dbname in a file like config.php and keep it out of the main root. Then include it.
Code: Select all
<?php
include ("../config.php");
?>