okay, if you were me, how would you design, say a very secure web app.
i mean should you add users to the MYSQL.USER table with all the grant rights or just make a separate user (ex: SECURED_USERS) table and when you issue the PHP command to connect,
mysql_dbconnect ("localhost", "secured_user", "secured_pw");
i mean at first i was gonna do all the users and set up all the rights and stuff. i was coming with complicated code to check IP address and stuff...
but then, i mean, creation of the users will be strict and just assume once they are created and added to the SECURE_USERS table, they have just the needed rights...
am i trying to hard or should i just go with the simpler way? is the simpler way not secured enough?
how are you doing it?
thanks...
i mean should you add users to the MYSQL.USER table with all the grant rights or just make a separate user (ex: SECURED_USERS) table and when you issue the PHP command to connect,
mysql_dbconnect ("localhost", "secured_user", "secured_pw");
i mean at first i was gonna do all the users and set up all the rights and stuff. i was coming with complicated code to check IP address and stuff...
but then, i mean, creation of the users will be strict and just assume once they are created and added to the SECURE_USERS table, they have just the needed rights...
am i trying to hard or should i just go with the simpler way? is the simpler way not secured enough?
how are you doing it?
thanks...