Jump to content

Rewriting mysql_* functions


guitarclap

Recommended Posts

I have issues with security. Is there a way to rewrite all the mysql_* functions in PHP to something else...

 

Like instead of \'mysql_db_query()\' ... can i name id \'getQuery()\' ... or so on.

 

The reasons are, if somehow someone can upload a script onto my server, the common database functions will allow them to access anything. Would changing these function names increase security?

 

Thanks

Brnadon

Link to post
Share on other sites
  • 1 month later...

you don\'t have to edit the php source for this... just do

[php:1:1eb605ea67]<?php

function query_db($query){

$mysql_query=mysql_query($query);

return $mysql_query;

}

$sample_query=query_db(\"select * from table order by column asc\");

?>[/php:1:1eb605ea67]

 

just some simple shit....

Link to post
Share on other sites
I have issues with security.  Is there a way to rewrite all the mysql_* functions in PHP to something else...

 

Like instead of \'mysql_db_query()\' ...  can i name id \'getQuery()\' ... or so on.

 

The reasons are, if somehow someone can upload a script onto my server, the common database functions will allow them to access anything.  Would changing these function names increase security?

 

Thanks

Brnadon

 

If people are able to upload scripts to your webspace, then that\'s where your security problem lies. Using the raw functions will do nothing at all unless people know that you have certain include files that you use which provide a database connection.

Link to post
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.