I'm working on a small Perl/CGI script that will query a database of daily updates and generate a web page with it (essentially a blog). But I'm not sure how to deal with security.

My site is hosted remotely by a hosting service, and I don't have access to the MySQL database to change permissions (either mine or someone else's). As is customary, to access the database, I have to pass a user ID and password. But I only have one user ID/password for my database. How do I authenticate my query? I obviously can't give that user ID/password to everyone, and hard coding it in the script goes against every secure computing principle (even if the script is secured).

I'd prefer references to this, if anyone has any, but straight answers are just as good.

Nat

In reply to MySQL CGI Security by Phemur

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.