On 8/23/07, Jason Pruim <[EMAIL PROTECTED]> wrote:
>
> I am planning on having the database open to customers of mine to
> store their mailing addresses on-line, and be able to manage the
> records.
>
> Is it safe, to have 1 database with lots of tables? Or am I safer
> setting up separate databases for everyone?
>
> I should mention, no one will be accessing the database directly,
> it'll be through a web interface and php to display it.

Assuming that the web server runs on the same box as the MySQL daemon ... you want to firewall the server so that nobody can connect to the MySQL daemon directly from outside the box.

It is also a bad idea to allow the users to have shell accounts on that box unless you have taken additional security precautions (specifically, being sure the MySQL userid/password you're using are secure from all but the web server UID/GID, and that no other userid/passwords have access to the database you're using).

Once that is done, all access to the database is controlled by the PHP scripts, and there is no security advantage to having multiple databases.

I'm assuming that users have to log in individually (jsmith, bjones, etc.) and that the PHP scripts then carefully control what each user is allowed to modify.

I'm also going to assume that you've handled all the obvious technology issues, such as:

a) Database transactions/atomic actions.

b) Terminating TCP connections and ensuring that each PHP script runs to completion, anyway, and that the database isn't left in an indeterminate state due to this.

Dave.
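
The reply above relies on the PHP scripts deciding what each logged-in user may modify in one shared database. The following is an added example, not part of the original thread, of a write that is scoped to its owner and wrapped in a transaction; the `addresses` table, its `owner_id` column and the `updateStreet()` helper are hypothetical, and in-memory SQLite stands in for MySQL so the script runs offline.

```php
<?php
declare(strict_types=1);
// Added illustration: one shared database, every write scoped to the
// logged-in customer. Table, column and function names are hypothetical.

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Constructed sample data: two customers (10 and 20), one address each.
$pdo->exec('CREATE TABLE addresses (
    id INTEGER PRIMARY KEY, owner_id INTEGER NOT NULL, street TEXT NOT NULL)');
$pdo->exec("INSERT INTO addresses (id, owner_id, street) VALUES
    (1, 10, '1 Main St'), (2, 20, '2 Oak Ave')");

/**
 * Update one address row only if it belongs to $ownerId.
 * $ownerId must come from the server-side login session, never from the form.
 */
function updateStreet(PDO $pdo, int $ownerId, int $addressId, string $street): bool
{
    $pdo->beginTransaction();
    try {
        // Bound parameters keep form input out of the SQL text; the
        // owner_id predicate is what enforces per-customer isolation.
        $stmt = $pdo->prepare(
            'UPDATE addresses SET street = :street
              WHERE id = :id AND owner_id = :owner'
        );
        $stmt->execute([':street' => $street, ':id' => $addressId, ':owner' => $ownerId]);

        // No matching row: it does not exist or belongs to another customer.
        // (On MySQL an unchanged value also reports 0 rows unless
        // PDO::MYSQL_ATTR_FOUND_ROWS is enabled on the connection.)
        if ($stmt->rowCount() !== 1) {
            $pdo->rollBack();
            return false;
        }
        $pdo->commit();
        return true;
    } catch (Throwable $e) {
        if ($pdo->inTransaction()) {
            $pdo->rollBack();
        }
        throw $e;
    }
}

var_dump(updateStreet($pdo, 10, 1, '5 Elm Rd'));  // customer 10, own row
var_dump(updateStreet($pdo, 10, 2, 'tampered'));  // customer 10, customer 20's row
echo $pdo->query('SELECT street FROM addresses WHERE id = 2')->fetchColumn(), "\n";
```

If the script is cut off before `commit()`, the open transaction is rolled back when the connection closes, which is what keeps the tables out of a half-written state.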