Database

[nickbe]

We're on a server with limited Mysql databases.

Also it would be great to be able to run the site with just php -S which seems to work perfectly except the current need for mysql. Is it difficult to use Sqlite instead.

I suggest for such a database with only a few tables and few - one tiny sqlite database
per registered user would be very handy solution.

[zeruniverse]

1. I think most server with PHP would have MySQL database. What do you mean by limited Mysql databases?
2. Think about cloud computing platform that does not give write permission to disk, but ask you to store files to their file server using some API...

[nickbe]

We're on a managed server here, where we have only a limited amount of mysql databases available. And I'm not allowed to mix tables from different apps into one database like with prefixes.
Additionally I saw a guy hacking into mysql based sites. Took him only a couple of minutes to hack several seemingly secure sites. Since we're talking about real secure stuff here I would prefere either sqlite or just plain text storage.

[zeruniverse]

Hi,

Actually, this project only need a SQL server instead of MySQL server. If
you think SQLite is good, just modify function/sqllink.php to connect to
SQLlite server. That's the only file you need to edit. But I won't put this
into my project for following reasons:

For your second question, I use PDO in my implementation with data sent
separately from query. I don't think SQL injection is likely here. Yes, all
old technology for connecting database in PHP is insecure. By the way, you
will have no less trouble using SQLite. Because you still use SQL. SQL
injection is not something just for MySQL.

For your first question, I think you're using a really special environment.
You even don't need a server/VPS. All PHP web hosting you can buy
online nowadays is with MySQL. So it's reasonable to use it. But there's
some platforms making their code folder not writable. In this case. your
SQLlite and plaintext won't work. I never used SQLite before, but I think
it supports SQL query just as MySQL do. So if you really need SQLite, just
modify function/sqllink.php to connect to your SQLite.

On Sunday, 20 March 2016, nickbe notifications@github.com wrote:

We're on a managed server here, where we have only a limited amount of
mysql databases available. And I'm not allowed to mix tables from different
apps into one database like with prefixes.
Additionally I saw a guy hacking into mysql based sites. Took him only a
couple of minutes to hack several seemingly secure sites. Since we're
talking about real secure stuff here I would prefere either sqlite or just
plain text storage.

—
You are receiving this because you commented.
Reply to this email directly or view it on GitHub
#38 (comment)

[nickbe]

I'll try to implement an alternative in sqlink.php. Maybe let the user choose in the config. Php which database to use. If everything works as expected I let you know anyway. Maybe it's at least worth to consider an optionaö alternative.