Preferred PostgreSQL User Account For Code?
Posted: Tue Feb 28, 2006 9:03 pm
I'm writing my all-out killer PHP app of a lifetime. (Aren't we all, these days?) When I release the product, I plan to do what's universally accepted as the right way to do this.
* Should I provide a database.sql file that permits one to create this database manually or should the web interface automatically detect it's not there and prompt the administrator to create it?
* If so, what API is normally accepted as the way to create that database from the PHP page?
* What PostgreSQL account username do you think I need to use from my PHP app? Stick with "root"? Use an account name that matches the name of the app? Use "apache"? Use "nobody"? I know this is nitpicking, but I just want my app to look like most everyone else's.
* Would you recommend creating multiple accounts that my app uses for different things, and giving different security rights for each?
Note that I was planning on making my app simple to install. It has very few dependencies. The idea is to be plug and play. You drop it on your Linux PHP server's web folders and then connect to it. It detects that it has never been used and asks you to assign an administrator password. Then, it prompts you with a web-based wizard on how to set the rest of the app up and configure it, and then take you into using the app. From there on out, end users can start using the app if they have a login account that was created in the app. Also, at any time, I can hit install.php and redo the installation again, including drop the previous database and start over.
* Should I provide a database.sql file that permits one to create this database manually or should the web interface automatically detect it's not there and prompt the administrator to create it?
* If so, what API is normally accepted as the way to create that database from the PHP page?
* What PostgreSQL account username do you think I need to use from my PHP app? Stick with "root"? Use an account name that matches the name of the app? Use "apache"? Use "nobody"? I know this is nitpicking, but I just want my app to look like most everyone else's.
* Would you recommend creating multiple accounts that my app uses for different things, and giving different security rights for each?
Note that I was planning on making my app simple to install. It has very few dependencies. The idea is to be plug and play. You drop it on your Linux PHP server's web folders and then connect to it. It detects that it has never been used and asks you to assign an administrator password. Then, it prompts you with a web-based wizard on how to set the rest of the app up and configure it, and then take you into using the app. From there on out, end users can start using the app if they have a login account that was created in the app. Also, at any time, I can hit install.php and redo the installation again, including drop the previous database and start over.