I have a website that allows viewing and modifying of a MySQL database using Perl CGI scripts and I haven't a clue how to do the security.

People who don't log in should only be able to see limited parts of the data. Others should be able to log in and view all parts of the data. Trusted people should be able to log in and modify the data.

This is basic stuff and obviously my Perl scripts have to be involved as they must know the identity of the user in order to allow the correct access and show the appropriate forms. But is the identity given to them via .htaccess basic website security, MySQL's own user/password security or perhaps I should ignore both those and write all the user/password stuff within the scripts? Or maybe there is a 4th option I don't know about?

There must be tutorials and guides available on the Internet - but I must be searching using the wrong keywords because I can't find any straightforward instructions giving best practice.

Either advice or a pointer to a website explaining the best approach would be very much appreciated...

Thanks.


In reply to Basics: CGI MySQL security by jfrm
