[UPHPU] MySQL questions?
davidsmith at byu.net
Fri Apr 23 20:03:14 MDT 2004
Steve Dibb wrote:
> Mac Newbold wrote:
>> Today at 6:46am, David Smith said:
>>> Also, a good PHP/MySQL design involves multiple users, one for
>>> one for writing, etc. This is for security purposes. I'd like to see a
>>> presentation on that.
>> I don't know that I agree with that statement, at least from a practical
>> stand point.
One very good reason: using a read-only MySQL account can protect your
from malicious SQL injection attacks. Fortunatel, the php-mysql
functions are generally not susceptible to such attacks, but it is still
very good practice.
More information about the UPHPU