thanks for the hint with the Apache authentication with Mysql, i was just wondering why in general databases don't have the approach of bringing the entered data in a relation to the users, as this would bring up totally different and (in my opinion) better security from the backend.

you would not need to put any database-user-password somewhere in your .pl or .cgi script (except the www-user that can only read).
thanks again,
parasew