Maybe easy - securing php files containing DB access passwords etc.

Hello there,

In summary: How to make my password protected php scripts available for use
to public, without letting them do anything they want to DB.

Previously a shared hosting hosted MySQL database was only used by internal
staff and so all the php scripts were simply held on a password protected
folder (HTTP style) that the staff would know to do their duties with the
DB.

However, a requirement has come for a public website to become available
that allows anyone to visit a webpage, and submit some details via a webform
and these details need to be inserted into the database.

This currently creates the problem that when the HTML form is submitted to
a PHP script (adapted from an existing insert data php script from before)
that is located in the password protected folder, it obviously prompts for
the password.

Even if I move this script out of the password protected directory, this
script still relies on many library php scripts that do things like connect
to the DB.

So therefore what is the best way of going about making this work? I want
users to be able to submit the webform without being prompted for a username
and password, but I want to protect access to php scripts because we do not
want anyone else to do the many other functions available (such as view /
amend records etc.)

This may be really simple and I am just missing something very obvious. A
Google search just led me to many things explaining password protection in
general.

Kind regards and TIA.

Dave
Jul 17 '05 #1
Add your "protected" directory to include_path.

Jul 17 '05 #2
<ad******************@gmail.com> wrote in message
Add your "protected" directory to include_path.


Hi there,

Thanks for that, and forgive me if this is another dumb question, but if I am
using a shared hosting (where I pay x amount per month for like webfusion)
am I able to amend the include_path?

Can you explain a little more if I am supposed to add it to one of my files
or how this still protects my folders but allows public visitors to make
additions to the DB?

Kind regards

Dave
Jul 17 '05 #3
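
What the include_path suggestion amounts to, as an added example that is not code from the thread: the HTTP password applies to browser requests only, while PHP's require reads files through the filesystem, so a public handler can load the protected library without a prompt, and set_include_path() changes the path at runtime without php.ini access. The temp directory, db_connect.php, db_connect(), handle_submission(), the submissions table and the in-memory SQLite database are assumptions made so the sketch runs offline.

```php
<?php
// Constructed demo: a temp directory stands in for the HTTP-password-protected
// folder; on a real site this is the existing folder guarded by the web server.
$protected = sys_get_temp_dir() . '/protected_demo';
if (!is_dir($protected)) {
    mkdir($protected, 0700);
}
// Hypothetical library file standing in for the existing DB connection script.
// SQLite in memory replaces MySQL here so the demo needs no server.
file_put_contents($protected . '/db_connect.php', <<<'LIB'
<?php
function db_connect(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE submissions (name TEXT, email TEXT)');
    return $pdo;
}
LIB
);

// --- Public form handler: lives OUTSIDE the protected folder ---
// include_path is set at runtime, so no php.ini access is required.
set_include_path($protected . PATH_SEPARATOR . get_include_path());
// Resolved through the filesystem, so the HTTP password prompt never applies.
require_once 'db_connect.php';

function handle_submission(PDO $pdo, array $post): bool {
    $name  = is_string($post['name'] ?? null) ? trim($post['name']) : '';
    $email = filter_var($post['email'] ?? '', FILTER_VALIDATE_EMAIL);
    if ($name === '' || strlen($name) > 100 || $email === false) {
        return false; // reject malformed input before touching the DB
    }
    // Insert only: this script exposes none of the view/amend functions,
    // and the prepared statement keeps form values out of the SQL text.
    $stmt = $pdo->prepare('INSERT INTO submissions (name, email) VALUES (?, ?)');
    return $stmt->execute([$name, $email]);
}

$pdo = db_connect();
// Constructed sample inputs standing in for $_POST.
var_dump(handle_submission($pdo, ['name' => 'Alice', 'email' => 'alice@example.com']));
var_dump(handle_submission($pdo, ['name' => 'Bob', 'email' => 'not-an-email']));
echo $pdo->query('SELECT COUNT(*) FROM submissions')->fetchColumn(), "\n";
```

On the real site, connecting the public handler with a MySQL account that has only INSERT on that one table keeps the view and amend functions out of reach even if the handler itself is abused.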
