newbe - a silly question on passing database username/password

I appreciate that this may not be the ideal group but to me, it is
the obvious group.

Am I correct in thinking that design should be done with the
developers username and password and then a generic user set up with
read only access which is then used for user data retrieval?

The site will be open to the public who will be allowed to browse the
database but not much else.

If it's public, allow read-only access, just for safety. It most likely
would not be a problem, however, unless they were given direct access to the
database, and not through anything else, such as PHP.

"Titus A Ducksass" <me@neverumind.com> wrote in message
news:k7ojfvgnd0dp48q46edhn5bj4ovvv1m0bp@4ax.com...
> I appreciate that this may not be the ideal group but to me, it is
> the obvious group.
>
> Am I correct in thinking that design should be done with the
> developers username and password and then a generic user set up with
> read only access which is then used for user data retrieval?
>
> The site will be open to the public who will be allowed to browse the
> database but not much else.

ok, to recap,
I have root & superuser with read, write etc access and I add a public
user to the database with read only eg username 'public' password
'readonly' and use these in the php to read from the database.
The public only see the index.php and *.php called from index.php.
The public would never know how to find the phpmyadmin.
The password to the directory for phpmyadmin is outside the www
directory.

If you think I have misunderstood then please do advise.
Thanks.

On Wed, 25 Jun 2003 13:21:52 -0600, "Matt Montgomery"
<NOSPAMmatt@NOSPAMchums.com> wrote:

>If it's public, allow read-only access, just for safety. It most likely
>would not be a problem, however, unless they were given direct access to the
>database, and not through anything else, such as PHP.
>
>"Titus A Ducksass" <me@neverumind.com> wrote in message
>news:k7ojfvgnd0dp48q46edhn5bj4ovvv1m0bp@4ax.com.. .
>> I appreciate that this may not be the ideal group but to me, it is
>> the obvious group.
>>
>> Am I correct in thinking that design should be done with the
>> developers username and password and then a generic user set up with
>> read only access which is then used for user data retrieval?
>>
>> The site will be open to the public who will be allowed to browse the
>> database but not much else.
>

On Wed, 25 Jun 2003 22:38:14 +0200, migmam <migmam@none.com> wrote:

>Titus A Ducksass wrote:
<snip>
>> Am I correct in thinking that design should be done with the
>> developers username and password and then a generic user set up with
>> read only access which is then used for user data retrieval?
>> The site will be open to the public who will be allowed to browse the
>> database but not much else.
>
>I can tell you what I do. As you say, I use a read only user to access
>the database, except when you have to create temporary tables (because
>the query is too complex). In such case I have another user with write
>access but never the root user.
>Obviously all users with their corresponding passwords.
>Place the username and password always in a file with php extension,
>never with other different that can be download and everyone can see the
>passwords. To be more secure you can place this ini file in a directory
>where only php can access (not via http) i.e. php/include.

If I understand correctly, I have root & superuser with full access
and I add a public user to the database and grant them read only
and use these in the php to read from the database.

The passwords/usernames are outside the www directory.

If you think I have misunderstood then please do advise.
Thanks.

On 25 Jun 2003 16:17:00 -0700, nc@iname.com (Nikolai Chuvakhin) wrote:

>Titus A Ducksass <me@neverumind.com> wrote in message
> news:<k7ojfvgnd0dp48q46edhn5bj4ovvv1m0bp@4ax.com>. ..
<snip>
>
>If the public will indeed be allowed to only browse the database,
>then the PHP script(s) responsible for content display can indeed
>survive with read-only rights. The next question, then, is, who
>will be developing content and how will its publishing be done?
>
>More evolved content management systems often have multiple levels
>of access: guest, registered user, moderator, administrator, etc.

I have the content already, it is a simple 1 table database in mysql.
I intend to add more tables /databases at a later stage but not yet -
I need to crawl before I can run hence the newbe silly questions that
I spew forthe <Grin>.

publishing - not quite sure what you mean. However, I will up the
data via phpmyadmin using supervisor rights.

If I have understood the replies correctly then I was right in my
assumption that I create a user eg 'public' and grant them read only
privaleges and use these in the php to open and use the database.

I do envisage other types of user (eventually) such as administrators
who may have extra rights over various tables.

Can you recommend a contact management system?
The ones I have seen are too expensive and /or unuseable to the novice
user.

Just as a side thought, I have never seen a command to close the
database (not shut it down) is there one?

Titus A Ducksass <me@neverumind.com> wrote in message
news:<hq1lfvsvk8cekg9eqnllna4elhj6n067er@4ax.com>. ..
>
NC> If the public will indeed be allowed to only browse the database,
NC> then the PHP script(s) responsible for content display can indeed
NC> survive with read-only rights. The next question, then, is, who
NC> will be developing content and how will its publishing be done?
>
> publishing - not quite sure what you mean.

Making content available to the readers.

> If I have understood the replies correctly then I was right in my
> assumption that I create a user eg 'public' and grant them read only
> privaleges and use these in the php to open and use the database.

Sure. Your design seems to be in line with this simple rights
management scheme.

> Can you recommend a contact management system?

Have you checked hotscripts.com yet? There might be something
you could use...

> Just as a side thought, I have never seen a command to close the
> database (not shut it down) is there one?

MySQL connections are not database-specific; rather, they are
server-specific. One connection can be used to work with
several databases, provided that they reside on the same server.
So there is the mysql_close() function, which closes the connection
to the server. Calling it, however, is not mandatory, since PHP's
internal trash collector automatically closes all non-persistent
database connections when the script that opened them is terminated.

Cheers,
NC