When making a new connection with PDO:
$conn = new PDO( DB_DSN, DB_USERNAME, DB_PASSWORD );
It appears you have to specify a database in the DB_DSN, e.g.
mysql:dbname=mydatabase
I have however just discovered that this does not limit subsequent queries using this connection to just this database. Any other databases that DB_USERNAME has permissions for can be used. All it appears to do is specify a default.
It has revealed for me that sometimes, queries were not being specific enough and thus a risk that a table in the wrong database would be accessed.
I am thinking I should create a dummy database, make all connections to that database, thus forcing all queries to include the database name explicitly.
Or: is there a way to make a connection exclusive to a given database?
What is best practice here?