Connecting to database

[Schlo_50]

I have been working on a website which uses a ms access database. During development I have been connecting to the database using the database name only, leaving the username and password fields blank. When setting up a system dsn for the access database I purposely left the username and password fields blank also which all worked fine and I was able to connect and use my database.

 

Now, the site is complete and I want to implement the final security method and change the username and password of the system dsn to something secure. I have done this but during testing I noticed that if the details in my database connect script were different from the system dsn username and password I could still connect to my access database.

 

I was wondering if any of you could take a look at my connection script and see if anything is glaringly wrong, or if anybody knows if setting a system dsn username and password actually protects the database in question.

 

Connection Script:

 

<?php
$odbc = odbc_connect('CentralDatabase', 'root', '') or die('Could not Connect to ODBC Database!');
?>

<? 
if(!function_exists('odbc_fetch_array')) 
{ 
  function odbc_fetch_array($result, $rownumber=-1) 
  { 
      if (PHP_VERSION > '4.1') 
      { 
          if ($rownumber < 0) 
          { 
              odbc_fetch_into($result, $rs); 
          } 
          else 
          { 
              odbc_fetch_into($result, $rs, $rownumber); 
          } 
      } 
      else 
      { 
          odbc_fetch_into($result, $rownumber, $rs); 
      } 
       
      $rs_assoc = Array(); 
   
      foreach ($rs as $key => $value) 
      { 
          $rs_assoc[odbc_field_name($result, $key+1)] = $value; 
      } 
       return $rs_assoc; 
  } 
} 
?> 

 

Thanks for any help guys!