Database access - keeping it secure
I have a form that I want to store the input in a SQL database. How do I keep the database access secure? Do other web applications code the database signon and password in the program?
<strong>How do I keep the database access secure?</strong>
Keeping database access secure involves two things primarily:
1. Choosing a strong password. Ensure your database password is at least 8 characters and contains a combination of uppercase / lowercase / numbers / and special characters.
2. Ensuring your PHP code has built in checks for common hack techniques, such as <a href='http://en.wikipedia.org/wiki/Code_injection' target='_blank'>code injection</a>.
Please keep in mind that database security (and security in general) is a huge concept. If companies like Sony (playstation 3) YouTube can be hacked, it's a possibility than anyone can be hacked.
<strong>Do other web applications code the database signon and password in the program?</strong>
Yes, most php applications will store the database username and password either in the php code directly or in an include file, such as include.ini. If you're looking for a specific example, we actually have an online tutorial for <a href='http://www.inmotionhosting.com/support/edu/website-design/using-php-and-mysql' target='_blank'>using PHP to interact with a MySQL database</a>.
I hope this helps point you in the right direction. Feel free to post any follow up questions in the comments at the bottom of this page.
Like this Question? Tweet