普通网友 2018-09-03 23:11
浏览 79
已采纳

PHP,MySQL应用程序用户和凭据应该在应用程序或数据库上运行? [重复]

This question already has an answer here:

We are creating PHP/MySQL web application.

On one side:
I have my PHP developer that believes creating a table with users/passwords/permissions to give or deny access to some parts of the final application.

On the other side of the equation, my DB expert wants to use the database directly to create users/passwords/permissions.

For the DB option, I think we need to create a separate web service in front of MySQL, for this to work? or do I give users direct access to the DB?

What would make the best way to do this? How does well stablish php/mysql apps work, like Dupral or Joomla?

Yes this is a question about design best practices, but I need to find out the best practices for PHP/MySQL development. Is MySQL supposed to manage web users, or just one DB user and the rest on the app level.

</div>
  • 写回答

1条回答 默认 最新

  • dongri1989 2018-09-03 23:30
    关注

    Go with the PHP route.


    Whether you create the logins through PHP or directly through MySQL, they'll still end up in your MySQL database. There are a few differences between the two approaches though. The main point being that if you go the PHP route, your users will be able to create their logins themselves (which means picking out their passwords themselves). If you go the database route, your users will have to have passwords allocated to them.


    In MySQL, it's possible to use something like SHA() to securely hash a password (with a salt), though as far as I'm aware you're unable to pick a more secure encryption algorithm in MySQL. SHA-256 / SHA-512 will almost certainly suffice for your needs, though you may want something a bit more secure.

    With PHP, you have access to methods like password_hash() and password_verify(), which can be used alongside alongside an algorithm like PASSWORD_BCRYPT or PASSWORD_ARGON2I (which is much more secure than the standard SHA-256 or SHA-512).


    Finally, you have to consider what should happen in the event of a database breach (which there are roughly 30,000 of every day). As previously stated, the encrypted password is stored in the database in either case. If you create logins through MySQL, you'll likely also be exposing the method of encryption (possibly along with any salts used). If you build the logins through PHP, an attacker would need full shell access to your website in order to be able to work out how you encrypted your passwords.


    Most importantly, never give users access to your database. In fact, I would recommend ensuring that your main database user role only has the required privileges to interact with the data (likely SELECT, INSERT, UPDATE) and using a separate user with CREATE privileges for creation of the users.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?