I'm writing a script which handles receiving order information from an eCommerce provider and keeping it in a database, which can then be queried for information from both customers and employees.<br /><br />However, I would like to restrict the customer script from being able to query some information, such as e-mail addresses (which should only be accessible to employees). This is mainly because I would need to store the mysql password in the php script for the "customer" interface, so "just in case" someone is able to either make the script do something weird or read the password from the script, their access to customer data would be very limited.<br /><br />The staff passwords would never be stored in the scripts, as they would be required to input a password each time to ensure security.<br /><br />That said, I am wondering if it's possible for me to set fine-tuned permissions for mySQL access, like only allowing a user account to do SELECT on a specific table or field. I didn't see how to do this via the mySQL management interface...<br /><br />The only other option I can see would be to separate out the data into different databases, and only allow the account that is being used by the "customer interface" to access a database with non-critical customer data.<br /><br />Thanks for any info...<!--content-->
This is just my opinion ...<br /><br />If security is an absolute, yes, I would make seperate databases.<br /><br />However, you can write scripts that only access specific tables and fields in a database. Then you have that concern about having the ID and password in your script.<br /><br />Personally, I've created seperate database access routines that access specific data files that are not accessible from the web. These data files contain the information necessary to access the databases. That way the information is never in your scripts and cannot be hacked into this way. Although there is always a way.<br /><br />Security is always a balancing act. But I believe you will be safe if you use reasonable precautions.<br /><br />Good luck!<!--content-->
This is just my opinion ...<br /><br />If security is an absolute, yes, I would make seperate databases.<br /><br />However, you can write scripts that only access specific tables and fields in a database. Then you have that concern about having the ID and password in your script.<br /><br />Personally, I've created seperate database access routines that access specific data files that are not accessible from the web. These data files contain the information necessary to access the databases. That way the information is never in your scripts and cannot be hacked into this way. Although there is always a way.<br /><br />Security is always a balancing act. But I believe you will be safe if you use reasonable precautions.<br /><br />Good luck!<!--content-->