|
Hello.
My site 'launch to the public' date is looming. Ive always used root user and never added any more users or granted permissions. My question is - is it necessary?. i was under the impression it would be but having read a page from a php book im not so sure. it says:
' In most cases when you are accessing Mysql through an internet provider, you will only have one user and one database available to you. By default, that one user will have access to all users in the database and will be allowed to perform all commands. In this case, the responsibility is yours as developer to create a secure application through your programming' Quote from SAMS teach yourself PHP, MYSQL and APACHE by Julie C meloni.
Now, all my scripts are written so that the only tables that can be modified are the ones necessary. i.e showcart, customer details etc. The product tables, which obviously i want to be the only person able to modify, are not ever issued with insert, delete or drop queries in my scripts. Is it possible for a hacker to get into my site and write such queries somehow?? Or am i safe to leave visitors to my site as root users??
Thankyou in advance
|
