PHP forum users, thanks in advance for your interest.
I am beginning LAMP,
can only access mysql using the mysql_connect statement.
created a limited mysql-user, granting many permissions for a test database only.
I entered that user in the mysql_connect expression
in the apache 2.4 log, reported access denied
(by the way, were do I find this event recorded in a mysql log?)
Yet with root user, access passed.
So-----
the password is not hashed. In fact standard linux-users have read privelege to the /var/www/html directory and can view the pwd!
How do people access mysql without exposed root password?
Is there a way to use mysql_connect with a limited mysql-user? What privileges need to be granted? Or required some other setting?
One could I guess limit access priveleges to /var/www/html? isn't that less secure than linux user-passwords for example, which are hashed?
another way -- encrypt the folder (I saw something like htaccess)?
Any suggested way, or reference to material? In particular, what is the shortest way for someone only beginning?
Thanks again!
Dan