CodingForums.com - Help on security!

Good day to all,

First my purpose is to share my database connection to someone (other server) but I want to restrict them from modifying it. It is just for viewing data not for modifying.

Code:

/*this is my php file that I wanted to share wherein the database connection can be found.

it's name for example is conn.php*/



mysql_connect('localhost,root,rootpassword');

mysql_select_db('db_database');

Now that I have my conn.php containing the sensitive part of my database including a password. This is the php file from another server that I want to share my conn.php to.

Code:

/*this is my php file from another server that will use my conn.php.

it's name for example is client.php*/



include 'http://www.mysite.com/conn.php';



$viewrecord = mysql_query("select * from record where id = 'myname'");



while ($result = mysql_fetch_array($viewrecord))

{

   echo $result['name'];

}

Now, we have settled the connection, and the client can view now the record from table record.
What I'm afraid of is, What if the client.php did something like:

Code:

include 'http://www.mysite.com/conn.php';



$name = "I will";

$age = "destroy the hell";

$address = "out of your database hahaha";



mysql_query("update record (name,age,address) values ('$name','$age','$address') where id = 'myname'");

Man that will be the worse day of my database if he did something like that, please advice me of some of security techniques.

Thanks!:thumbsup: