[UPHPU] MySQL questions?

David Smith davidsmith at byu.net
Fri Apr 23 20:03:14 MDT 2004


Steve Dibb wrote:

> Mac Newbold wrote:
>
>> Today at 6:46am, David Smith said:
>>
>>> Also, a good PHP/MySQL design involves multiple users, one for 
>>> read-only,
>>> one for writing, etc. This is for security purposes. I'd like to see a
>>> presentation on that.
>>
>>
>> I don't know that I agree with that statement, at least from a practical
>> stand point. 
>

One very good reason: using a read-only MySQL account can protect your 
from malicious SQL injection attacks. Fortunatel, the php-mysql 
functions are generally not susceptible to such attacks, but it is still 
very good practice.

--Dave




More information about the UPHPU mailing list