Jump to content
Larry Ullman's Book Forums

Recommended Posts

Thanks Larry.

MySQL has multiple tables.  One table has a column named "GradeEarned".  Whoever is doing this is deleting nearly all the data in the column named "GradeEarned".

 

Here is the connection script that is stored in the "includes" folder of the webroot. it is named mysqli_connect.php.  I have replaced the password in this script with '???????????????".

=====================

<?php # Script: mysqli_connect.php
// This file contains the database access information. 
// This file also establishes a connection to MySQL 
// and selects the database.
 
// Set the database access information as constants:
DEFINE ('DB_USER', '???????????????');
DEFINE ('DB_PASSWORD', '???????????????');  
DEFINE ('DB_HOST', '???????????????');
DEFINE ('DB_NAME', '???????????????');
 
// Make the connection:
$dbc = @mysqli_connect (DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
 
// If no connection could be made, trigger an error:
if (!$dbc) {
trigger_error ('Could not connect to MySQL: ' . mysqli_connect_error() );
} else { // Otherwise, set the encoding:
mysqli_set_charset($dbc, 'utf8');
}

==============================

 

I have not been able to store this connection script outside of the Web documents directory as you suggest in your MySQL and PHP for Dynamic Websites.  GoDaddy says they can not grant me acess to such a location.

 

I have removed all user accounts for this site except for my user account.

 

I am not sure that anything can be done?

 

Thank you for considering my issue.

 

Wes smith

Link to post
Share on other sites

Change you mysql credentials as fast as possible. You shared all details publicly on this forum, so they are no longer safe to use. This is a much bigger problem than a user changing a few columns!

 

Other than that, I'll bet the issue is not related to your connection, but instead has to do with one or more of your queries. You're most likely not effectively cleaning user input somewhere so a user can change your query in some way. We need to see some of those queries.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...