2

I want my clients (reseller clients) to be able to connect to my database (mysql) from their different sites without being able to see the file that has teh db connection parameters using PHP.

Please how can I achieve this?

DOK
  • 32,337
  • 7
  • 60
  • 92
Yanki Twizzy
  • 7,771
  • 8
  • 41
  • 68

2 Answers2

2

By using tunneling. You need to create a script that connects to MySQL and exposes MySQL PHP API to the requesting party. After that your resellers use that script to talk to MySQL. That indicates that the tunneling script itself should have some sort of password protection so you don't get anyone using your MySQL.

Michael J.V.
  • 5,499
  • 1
  • 20
  • 16
  • Could you give an example of such a script, or a link to an example? – DOK Jun 07 '11 at 09:43
  • SQLYog (my favorite MySQL GUI) has one such script, used with http tunneling. Download the program and you can get the code and play with it. There's a brief explanation at http://webyog.com/faq/content/21/19/en/what-is-http_tunneling.html that explains how SQLYog uses HTTP tunneling. It's useful when you can't connect from remote IP, only from server's localhost. That's where tunneling scripts goes into play. – Michael J.V. Jun 07 '11 at 09:54
  • Thanks for the help. I have downloaded the program but I could not find any code that I could play with – Yanki Twizzy Jun 07 '11 at 15:42
  • The tunneling is supported in Enterprise edition of the program, which means that I'm not really allowed to post the code of their php script :) however, if you want to allow your users to use mysql_* or mysqli_* or even PDO - without actually exposing the db credidentials - it won't work. You can only create a wrapper (tunneling script) that they use and then you build an API for them to use. It's not really the best practice, I'd simply expose MySQL to resellers with an account that prevents them from damaging the database. – Michael J.V. Jun 07 '11 at 15:47
1

This question will tell you how to encrypt the connection string.

And this one tells you how to connect securely.

Community
  • 1
  • 1
DOK
  • 32,337
  • 7
  • 60
  • 92
  • That's not the proper answer. How would you let your resellers connect then? By giving them encrypted data and key to use with PDO / mysql(i)_ functions? – Michael J.V. Jun 07 '11 at 09:36
  • The question says they are connecting using PHP. Are you thinking that they are going to connect in some other way? – DOK Jun 07 '11 at 09:41
  • What's the point of encryption if the OP wants to **hide** the DB details? They need to decrypt the data so it can be used with mysql functions, meaning they can also read the actual connection info. That makes encryption totally pointless, so it's not a proper answer. – Michael J.V. Jun 07 '11 at 09:52