comment on

Thanks for all the help. Sorry I didn't do much searching beforehand.

My main focus, I should have said, is the less clueful user. I'm trying to create a script which anyone can drop in quickly and use with minimal setup.

And this is presumably the reason why MT did it that way? What happens if you use the DBD approach mentioned above, but you can't trust your users to know how to set permissions correctly? Is their approach a bit kludgey, but justifiable in the context of security for people who don't understand security?

I'm still not sure how the bad guys could get my username and password if I have it in a regular CGI script and don't use CGI::Carp or anything which would give out error specifics to a browser.

Nobody says perl looks like line-noise any more
kids today don't know what line-noise IS ...

In reply to Re: hiding username/password in database scripts by Cody Pendant
in thread hiding username/password in database scripts by Cody Pendant

Are you posting in the right place? Check out Where do I post X? to know for sure.
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
Want more info? How to link or How to display code and escape characters are good places to start.


Pathologically Eclectic Rubbish Lister
	PerlMonks