Protecting SQL Server for Private Usage

Multi tool use
Multi tool use


Protecting SQL Server for Private Usage



So I have an issue. I have a server, lets call it (testserver.net). Right now, to change the database, from my application, my app runs "testserver.netadd.php". The problem is anyone can run that and change things in my database. How do I make it that needs some sort of verification before running the code in add.php so no one can just have access to my server? (Like a password or something).





Let your application access the add.php with some secret tokens(make it a long string). if the token is not present with the request, deny access to the script file.
– Shan
Jul 2 at 5:45





3 Answers
3



create a token : 1MBASFDFACAUYTUG^%(!@UUIASNSR*_-+LASQWFVSA4QWYUI12670
,save this token safely with in your application.



Whenever you want to call the add.php pass the token like :


testserver.net?token=1MBASFDFACAUYTUG^%(!@UUIASNSR*_-+LASQWFVSA4QWYUI12670



add.php


$secret = $_POST['secret']; //use post or get
if($secret != $mySavedSecret){
die('intruder!!')
}





That URL data should be properly encoded... at least the percent-sign will makes troubles if unencoded.
– Lars Stegelitz
Jul 2 at 6:46





@LarsStegelitz exactly
– Shan
Jul 2 at 7:17



Place you add.php file in separate folder and password protect it, or you may use Password protect a specific URL solution


add.php





Can I use this if I call the url from my app?
– Ron Arel
Jul 2 at 5:42





i'm not sure about that, but you may try to pass authentication data (username and password) via your app. Or you think of some more sophisticated solution to authenticate your app... try to search around
– Lixas
Jul 2 at 5:45



You need to perform Authentication followed by Authorization. In PHP there are many frameworks which support this.



pls check this for basic authentication



https://book.cakephp.org/2.0/en/tutorials-and-examples/blog-auth-example/auth.html



or you can use popular frameworks and follow their tutorials to perform this.



check this php micro framework Slim






By clicking "Post Your Answer", you acknowledge that you have read our updated terms of service, privacy policy and cookie policy, and that your continued use of the website is subject to these policies.

AK1,Rwp9yVJD0aLKxgta 0,9zRzi yFge5C,pZ5,qmYopzNsF,pQ7Fd GM4BOE fu,ZVfCj T8aNNnsY0jZl wP
-
ZNS3EmqxnS344cR81XUj9tJILyqAA8LR6VdzbvtoFwY0G2U voPt2697CqiXSGjATO15QJb UVNY7HZb gh9kkC J,ONllk

Popular posts from this blog

Rothschild family

Image
"House of Rothschild" redirects here. For the film, see The House of Rothschild. For other uses, see Rothschild (disambiguation). Rothschild Jewish noble banking family Coat of arms granted to the Barons Rothschild in 1822 by Emperor Francis I of Austria Ethnicity Jewish Current region Western Europe (mainly United Kingdom, France, and Germany) [1] Etymology Rothschild (German): "red shield" Place of origin Frankfurter Judengasse, Frankfurt, Holy Roman Empire Founded 1760s (1577  ( 1577 ) ) Founder Mayer Amschel Rothschild (1744–1812) (Elchanan Rothschild, b. 1577) Titles List Freiherr von Rothschild (1822) Baronet, of Tring Park (1847) Baron Rothschild (1885) Traditions Judaism, Goût Rothschild Motto Concordia, Integritas, Industria (English: Harmony, Integrity, Industry ) Estate(s) List British properties Château de Ferrières Palais Rothschild Cadet branches List Austrian branch English branch French branch Neapolitan branch A Rothschild house,...
Read more

Boo (programming language)

Image
Boo Paradigm Object oriented Designed by Rodrigo B. De Oliveira Developer Rodrigo B. De Oliveira First appeared 2003 ; 15 years ago  ( 2003 ) Stable release 0.9.7 / 25 March 2013 ; 5 years ago  ( 2013-03-25 ) Typing discipline static, strong, inferred, duck Implementation language C# Platform Common Language Infrastructure (.NET Framework & Mono)/ License BSD 3-Clause [1] Website github.com/boo-lang , boo-lang.org Influenced by C#, Python Influenced Genie, Vala Boo is an object-oriented, statically typed, general-purpose programming language that seeks to make use of the Common Language Infrastructure's support for Unicode, internationalization, and web applications, while using a Python-inspired syntax [2] and a special focus on language and compiler extensibility. Some features of note include type inference, generators, multimethods, optional duck typing, macros, true closures, currying, and first-class functions. Boo was one of the three scriptin...
Read more