How does

Security issues related to php and mysql usage. How to make your code secure? Security measures and configurations? It's all in here!

Moderators: macek, egami, gesf

psycho
New php-forum User
New php-forum User
Posts: 10
Joined: Tue Nov 26, 2002 5:35 am
Location: The Nehterlands
Contact:

How does

Postby psycho » Tue Apr 01, 2003 3:50 am

Hi all,

hope live is good for you all :lol:

i'm trying to understand the way php works with mysql.

i did setup a small database for a webpage where poeple can comment. There will be one user to acces that database to review the comment. let's say user = "user" with pass = "test".

When is the login checked by mysql if a person connects or do i need to right a code inside of php to check the username and password.????

The question is because it does not mather if i login with or with out a username and password. The script will run and give no error even if i use this code

Code: Select all

 mysql_connect ($host, $user, $pass) or die ("No connection is made");


could somebody help me understand where it's going wrong.
Because i think that if i would put a query behind it, it does not mather if poeple give a username and password to be able to see it.

thanks for you're time
have a nice day

User avatar
Redcircle
Moderator
Moderator
Posts: 830
Joined: Tue Jan 21, 2003 10:42 pm
Location: Michigan USA
Contact:

Postby Redcircle » Wed Apr 02, 2003 5:16 pm

If the user does not exist in the database it will NOT error out.


Return to “PHP & MySQL Security”

Who is online

Users browsing this forum: No registered users and 0 guests

cron