RiggsFolly Wrote:
-------------------------------------------------------
> Take a look at the MySQL documentation for the
> parameter Oto mentioned.
>
>
skip-grant-tables
>
> That should explain all you need to know.
>
> There is a link at the bottom of this post.
Hello Riggs, Have a nice day.
I think you have not understood what I mean to say.
1. I have created a script.
2. I have created a file 'dbcommon.php' including a database, its user and a password for it.
3. I have sold the php script to a customer.
4. I have entered in phpmyadmin and created the database, user and the password mentioned in 'dbcommon.php' in my script.
5. But I have concealed the password for that database to the customer. I never tell the password for that user.
6. The script runs well in 'localhost' of that customer.
7. I have obfuscated the 'dbcommon.php' file in which the details of the database, username and password have been mentioned.
8. When the customer type localhost in the address bar of browser, the index.php file will check the 'dbcommon.php' file and if a database exists with the same name, username and the password, the php script will run, if such a database with the name along with the same name, same username and same password mentioned in 'dbcommon.php' file, the php script won't run.
9. When the customer enters into phpmyadmin, he will know the name of the database name and username for it. But he will not know the password created for that username. If he checks the 'dbcommon.php' file to know the details of database, username and password, he cann't know them. Because the 'dbcommon.php' file has been obfuscated. So he cann't read that file.
10. If the customer copies the php script and to 'htdocs' folder of his friend and create the same database in phpmyadmin, but he cann't create the same password for the user of that database as he doesn't know the password which was defined in 'dbcommon.php' file.
11. If he creates the database with the same user and create any password as he desires and type 'localhost' in the address bar of browser, the php script won't run. Because the username and password which were created for that database won't match with the username and password mentioned in 'dbcommon.php' file.
12. So the customer and his friend cann't run the same php script in any other computer.
This is the complete idea to protect a php script in localhost.
Am I right? Isn't it right process?
Please respond to this explanation. Thanks in advance.