MySQL Access Security Details

20/08/2007, 11h56

Hi All,

I'm just starting out the in exciting world of dynamic web applications - or
so it says in the book infont of me. I'm creating a website where I need to
have a form where users can register and enter their details (email address,
password, age, ..etc...) which then get added to a new row of my "members"
table in my database. So far I can get data in and out using SQL functions,
but to do this you firstly need to connect to the database providing the
location, username and password.

The "thing" I don't understand at the moment is how can I let users create
their own membership details / line in the table, without having the
database log in details publicly viewable? I don't really want it all there
for everyone to see when they go to view the source of the website!

If anyone can provide a really simple explanation of how to do this then it
would be greatly appreciated, ...as I said, I'm really new to all
this......didn't even know what HTML was a few months ago,lol.

Thanks in advance,
Dan
P.s Being a pretty security conscious guy I know I'll have to do something
about storing their personal details, ...but that's a hurdle I'll worry
about another time.

07/09/2007, 23h40

I think you missed some info. A database can & does contain anything,
passwords, account numbers...
It what you let all users 'SEE' that counts.
Only the user(ID) should be able to view their info.
kahn
-----------------------------------------------------

Dan wrote:
> Hi All,
>
> I'm just starting out the in exciting world of dynamic web applications - or
> so it says in the book infont of me. I'm creating a website where I need to
> have a form where users can register and enter their details (email address,
> password, age, ..etc...) which then get added to a new row of my "members"
> table in my database. So far I can get data in and out using SQL functions,
> but to do this you firstly need to connect to the database providing the
> location, username and password.
>
> The "thing" I don't understand at the moment is how can I let users create
> their own membership details / line in the table, without having the
> database log in details publicly viewable? I don't really want it all there
> for everyone to see when they go to view the source of the website!
>
> If anyone can provide a really simple explanation of how to do this then it
> would be greatly appreciated, ...as I said, I'm really new to all
> this......didn't even know what HTML was a few months ago,lol.
>
> Thanks in advance,
> Dan
> P.s Being a pretty security conscious guy I know I'll have to do something
> about storing their personal details, ...but that's a hurdle I'll worry
> about another time.
>
>
>

20/08/2007, 11h56	#1
Dan Messages: n/a Hébergeur:	MySQL Access Security Details Hi All, I'm just starting out the in exciting world of dynamic web applications - or so it says in the book infont of me. I'm creating a website where I need to have a form where users can register and enter their details (email address, password, age, ..etc...) which then get added to a new row of my "members" table in my database. So far I can get data in and out using SQL functions, but to do this you firstly need to connect to the database providing the location, username and password. The "thing" I don't understand at the moment is how can I let users create their own membership details / line in the table, without having the database log in details publicly viewable? I don't really want it all there for everyone to see when they go to view the source of the website! If anyone can provide a really simple explanation of how to do this then it would be greatly appreciated, ...as I said, I'm really new to all this......didn't even know what HTML was a few months ago,lol. Thanks in advance, Dan P.s Being a pretty security conscious guy I know I'll have to do something about storing their personal details, ...but that's a hurdle I'll worry about another time.

07/09/2007, 23h40	#2
kahn Messages: n/a Hébergeur:	Re: MySQL Access Security Details I think you missed some info. A database can & does contain anything, passwords, account numbers... It what you let all users 'SEE' that counts. Only the user(ID) should be able to view their info. kahn ----------------------------------------------------- Dan wrote: > Hi All, > > I'm just starting out the in exciting world of dynamic web applications - or > so it says in the book infont of me. I'm creating a website where I need to > have a form where users can register and enter their details (email address, > password, age, ..etc...) which then get added to a new row of my "members" > table in my database. So far I can get data in and out using SQL functions, > but to do this you firstly need to connect to the database providing the > location, username and password. > > The "thing" I don't understand at the moment is how can I let users create > their own membership details / line in the table, without having the > database log in details publicly viewable? I don't really want it all there > for everyone to see when they go to view the source of the website! > > If anyone can provide a really simple explanation of how to do this then it > would be greatly appreciated, ...as I said, I'm really new to all > this......didn't even know what HTML was a few months ago,lol. > > Thanks in advance, > Dan > P.s Being a pretty security conscious guy I know I'll have to do something > about storing their personal details, ...but that's a hurdle I'll worry > about another time. > > >

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email