2011-10-28, 08:56 PM
I am making a plugin that would work the best if it could remotely access a SQL database. If I enabled remote SQL and made a SQL account that only has SELECT priveleges, would there be any security dangers?
2011-10-28, 08:56 PM
2011-10-28, 09:47 PM
Well, if the script is not SQL injection resistant, the hacker would have remote access to your server 
You are better off getting your info from a PHP file that is stored on your SQL server and has access to the info. Then having some kind of verification of users, and only give out the info your plugin needs, instead of leaving your whole DB open to the hacker
You are better off getting your info from a PHP file that is stored on your SQL server and has access to the info. Then having some kind of verification of users, and only give out the info your plugin needs, instead of leaving your whole DB open to the hacker
2011-10-29, 02:05 PM
Ok, yeah, that sounds safer