miligraf Posted May 6, 2006 Share Posted May 6, 2006 I got a tutorial management system in which i can add, edit or delete tutorials; how do i make those files secure? and can the index (where you see all the tutorials) can it be secured?i dont wanna find one day that someone just erased all the database.thx. Quote Link to comment Share on other sites More sharing options...
SharkBait Posted May 7, 2006 Share Posted May 7, 2006 I guess it would depend on what management scripts you are using.As for the database, make sure the user account that can directly access the database has a tricky password. Alphanumeric, non-common dictionary word, etcAs for your management system and making sure other people, when logged in, do not delete tutorials. I'd check to see if there are 'user levels' so that if you're not a certain level you can not delete the entry. I have one thing I've implementated where the user who creates the entry, is the only one allowed to delete it unless they are of the highest userlevel. This of course the user only accesses via PHP and has no access to the actual database itself. Quote Link to comment Share on other sites More sharing options...
miligraf Posted May 7, 2006 Author Share Posted May 7, 2006 i meant something like SQL injection thing...but also, i added some .htaccess but it only works when trying to access the folder, if i know the exact name of a file inside, i can access it...lol. since i have all done, is there an easy way to create a login thingy with PHP without making a big mess? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.