Jump to content

Archived

This topic is now archived and is closed to further replies.

guitarclap

Rewriting mysql_* functions

Recommended Posts

I have issues with security. Is there a way to rewrite all the mysql_* functions in PHP to something else...

 

Like instead of \'mysql_db_query()\' ... can i name id \'getQuery()\' ... or so on.

 

The reasons are, if somehow someone can upload a script onto my server, the common database functions will allow them to access anything. Would changing these function names increase security?

 

Thanks

Brnadon

Share this post


Link to post
Share on other sites

I don\'t see this changing anything at all. Security is not in your function names. Access is handled with your grant tables, people don\'t just have access automatically, unless you allow it.

Share this post


Link to post
Share on other sites

you don\'t have to edit the php source for this... just do

[php:1:1eb605ea67]<?php

function query_db($query){

$mysql_query=mysql_query($query);

return $mysql_query;

}

$sample_query=query_db(\"select * from table order by column asc\");

?>[/php:1:1eb605ea67]

 

just some simple shit....

Share this post


Link to post
Share on other sites
I have issues with security.  Is there a way to rewrite all the mysql_* functions in PHP to something else...

 

Like instead of \'mysql_db_query()\' ...  can i name id \'getQuery()\' ... or so on.

 

The reasons are, if somehow someone can upload a script onto my server, the common database functions will allow them to access anything.  Would changing these function names increase security?

 

Thanks

Brnadon

 

If people are able to upload scripts to your webspace, then that\'s where your security problem lies. Using the raw functions will do nothing at all unless people know that you have certain include files that you use which provide a database connection.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.