I have designed a database cinema booking app. I expect to get quite a few visitors. In the connection to the database, I user a standard user/password combination.
How can I ensure that this username/password combo has no privileges for example modifying/updating/deleting the db? Can I do this in phpMyadmin?
And I also keep reading about placing your connection files in the top layer or something, in the event that the site goes down.
If you have a dedicated server then in phpMyAdmin you can edit the permissions via the 'mysql' database. If you have normal hosting, you must ask you hosting provider to change te settings for you.
About the passwords at top level: Make a file called: include.inc and place in the folder that contains either: public_html or www or public_ftp. It should all be the folder. Then at the top of php scripts add:
include("/home/username/include.inc");
Change the absolute path to your own. Inside include.inc place the $username = "";
$password = "";
$host = "";
and if you want $database = ""; but not neccessary. Then in normal php connect to the database after including the file or again, you can connect in the include.inc file.
If you have a dedicated server then in phpMyAdmin you can edit the permissions via the 'mysql' database. If you have normal hosting, you must ask you hosting provider to change te settings for you.
About the passwords at top level: Make a file called: include.inc and place in the folder that contains either: public_html or www or public_ftp. It should all be the folder. Then at the top of php scripts add:
include("/home/username/include.inc");
Change the absolute path to your own. Inside include.inc place the $username = "";
$password = "";
$host = "";
and if you want $database = ""; but not neccessary. Then in normal php connect to the database after including the file or again, you can connect in the include.inc file.
Hope this helps
-Peter
That is what I am doing (in order that all db connections are controlled by one file), but I thought the .inc file has to be (?) in the same folder as the website (there is no "includes" folder).
For example, this is a simluation of the folder structure:
Each are different websites, all running of the same server. Is the .inc file safe, in the same folder as the website folder of the database it is plugging into, or, could/should this .inc file simply be placed in 'top level' (i.e. public_html/putithere) and then use folders in the top level for each website running off that server?
Bookmarks