[linux-help] Re: Linux Apps

[Jesse Kaufman <glandix@xxxxxxxxxxx>]

On Fri, 8 Dec 2000, Steven Saner wrote:

> A concern I have that maybe someone has dealt with, is running PHP with
> Postgres (or MySQL) on a server used by muliple people/customers,
> whatever. You can set up a seperate database on the Postgres/MySQL
> server for each customer, but how do you keep one customer from
> messing with another customer's database. You can put a password on
> the database, but how do you store the password in a secure fashion so
> your PHP script can send it to the backend when you try to make a
> connection?

maybe this is over-simplified, but could you store the db passwd as an
encoded string and use the base64_decode() function to read it?  granted,
you'd have to first use the base64_encode() function to get the encoded
string to store, but that's not hard...  i use this in one of my script to
base64-encode an e-mail address and use it as part of the URL
(...?Reply=<encode_string>) so that i can send the URL to someone and
retrieve/decode the e-mail address from $HTTP_GET_VARS without the
customer ever knowing what the e-mail address is...

another way you could do it is prompt for a passwd, then encript it and
compare it to a stored encrypted passwd (there's some function that
encrypts a string that cannot be decrypted w/ a PHP function)...

just some thoughts...

--
Jesse Kaufman                           |       WebSurf Internet Access
Administration / Web Development        |       www.websurf.net
glandix@xxxxxxxxxxx                     |       Ph: 316.945.7873
www.linuxfreak.com/~glandix             |       Fax: 316.946.9944
--

<<< Vim is a REAL man's text editor.  I don't know why anyone else would
    even bother with sissy programs like emacs, or even worse...  pico!  >>>





-- This is the linux-help@xxxxxxxxx list.  To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi