SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Zealot rhlowe's Avatar
    Join Date
    Sep 2006
    Location
    San Diego
    Posts
    116
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    PHP PDO Question

    I have 2 servers in separate locations and different IPs. One serves PHP and the other MySQL. When I use PDO to connect from one server to the other, is any type of security/encryption used in the DB credentials I pass around. If so, where can I read about it? Gleaning the php.net manual pages didn't turn anything up for me.
    San Diego Freelance Web Development Contractor
    Great Taste, no Filler. Now with no Trans Fat!

  2. #2
    reads the ********* Crier silver trophybronze trophy longneck's Avatar
    Join Date
    Feb 2004
    Location
    Tampa, FL (US)
    Posts
    9,854
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    this is an over-simplification of the way mysql password verification works.

    1) client hashes password provided by user.
    2) client opens connection to server.
    3) server sends a magic value to the client.
    4) client hashes the already hashed password with the magic value and sends it to the server.
    5) server retrieves the hashed password from the mysql.user table and hashes it with the magic value.
    6) server compares the double-hashed values.

    see http://forge.mysql.com/wiki/MySQL_In...erver_Protocol
    Check out our new Industry News forum!
    Keep up-to-date with the latest SP news in the Community Crier

    I edit the SitePoint Podcast

  3. #3
    SitePoint Zealot rhlowe's Avatar
    Join Date
    Sep 2006
    Location
    San Diego
    Posts
    116
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks longneck! Have a
    San Diego Freelance Web Development Contractor
    Great Taste, no Filler. Now with no Trans Fat!


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •