Security issue regarding DB access from JS?

I'm currently writing a one-page web app that does everything via AJAX. Since I want to be able to use a MySQL database, I've written a short PHP script which runs a passed query against the database and returns the result as a JSON object.

That way I can use DB queries directly from JavaScript, which is awesome. The problem is: everybody else visiting the site can do this, too. I'm using sessions of course, but still.

So my question is: do I only allow very specific queries? Or is there some easy way to protect the system against tampering? Or should I ditch this altogether because it's just too unsafe?

Thanks in advance for professional advice.

3 Answers

  • Jeff P
    Lv 7
    6 years ago
    Favourite answer

    I think Fred basically types the same thing for every PHP question. :D

    But seriously--as long as you're authenticating the user, sanitizing and validating the input, and your database user has the bare minimum set of permissions to do its job, you have absolutely nothing to worry about. These are the things you do to prevent tampering. Since the script is on the internet, anyone can potentially tamper with it, but as long as you implement these safeguards, then you'll be fine. You can always take it a step further and use PDO which will completely eliminate SQL injection attacks--but if you're already sanitizing and validating your input, then you really have nothing to worry about with that either.

  • Anonymous
    6 years ago

    Way too insecure. Your site will be owned by hackers within a very short time, probably running background illegal sites of their own. Like child porn. You NEVER give any user direct access to the database. You need to set up a limited database user with the minimum privileges you need to run the site. You need to set up a database connection script in a folder beneath the directory root, which is NOT viewable by visitors, and include that in PHP scripts whenever you need to connect. For any user interaction you need to store user details and an encrypted copy of their password. You MUST verify and validate ALL user data input before allowing it. Otherwise a very small piece of logic code in user name or password fields can give them full access to the site, including the admin database user, with NO password, or they can post scripts or links to scripts to gain access. You write all the queries you want users to be able to access and write the code around those to read back data and build the HTML according to users and their requests.
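To make the advice in the two answers above concrete (authenticate, validate, never let the browser supply SQL, and only expose queries you wrote yourself), here is an added example that is not from the question or either answerer. It is written in Python against an in-memory SQLite database so it runs by itself; the poster's stack is PHP/MySQL, and a PDO script would have the same shape (named queries, bound placeholders, the session's user id injected server-side). The schema, the table and column names, the `{"query": ..., "params": ...}` request format and the `webapp` account in the trailing GRANT comment are all assumptions for illustration.

```python
import json
import sqlite3

# Constructed sample schema standing in for the poster's MySQL database
# (assumption: the real schema is not on the page).
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.row_factory = sqlite3.Row
    conn.executescript("""
        CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, password_hash TEXT);
        CREATE TABLE notes (id INTEGER PRIMARY KEY, owner_id INTEGER, body TEXT);
        INSERT INTO users VALUES (1, 'alice', 'hash-a'), (2, 'bob', 'hash-b');
        INSERT INTO notes VALUES (1, 1, 'alice private note'), (2, 2, 'bob private note');
    """)
    return conn

def table_exists(conn, name):
    row = conn.execute("SELECT 1 FROM sqlite_master WHERE type='table' AND name=?", (name,)).fetchone()
    return row is not None


# --- The design in the question: the browser sends SQL, the server runs it. ---
def run_passed_query(conn, sql):
    """A session only proves that *somebody* logged in; it does not limit what
    that somebody may run. Any user can read every table, or drop them."""
    cur = conn.execute(sql)
    conn.commit()
    if cur.description is None:            # DDL/DML: nothing to fetch
        return {"rows_affected": cur.rowcount}
    return [dict(r) for r in cur.fetchall()]


# --- Hardened design: the browser names a query, the server owns all the SQL. ---
def as_int(v):
    if isinstance(v, bool) or not isinstance(v, int):
        raise ValueError("expected an integer")
    return v

def as_short_text(v):
    if not isinstance(v, str) or len(v) > 200:
        raise ValueError("expected a short string")
    return v

# name -> (SQL with ? placeholders, ordered (parameter name, validator) pairs).
# The first placeholder of every query is always the session's user id, so a
# logged-in user can only ever see their own rows.
QUERIES = {
    "my_notes":     ("SELECT id, body FROM notes WHERE owner_id = ? ORDER BY id", ()),
    "note_by_id":   ("SELECT id, body FROM notes WHERE owner_id = ? AND id = ?",
                     (("note_id", as_int),)),
    "search_notes": ("SELECT id, body FROM notes WHERE owner_id = ? AND instr(body, ?) > 0 ORDER BY id",
                     (("term", as_short_text),)),
}

def serve(conn, session, req):
    """Request shape (assumed): {"query": "<name>", "params": {...}}."""
    if "user_id" not in session:
        raise PermissionError("not logged in")
    name, params = req.get("query"), req.get("params", {})
    if not isinstance(name, str) or name not in QUERIES:
        raise ValueError("unknown query")
    if not isinstance(params, dict):
        raise ValueError("params must be an object")
    sql, spec = QUERIES[name]
    args = [session["user_id"]]
    for pname, check in spec:
        if pname not in params:
            raise ValueError("missing parameter: " + pname)
        args.append(check(params[pname]))        # validate the type; never build SQL from it
    rows = conn.execute(sql, args).fetchall()    # bound parameters cannot become SQL
    return [dict(r) for r in rows]

def handle_request(conn, session, body):
    """The AJAX entry point: JSON in, JSON out, no SQL error text sent to the client."""
    try:
        return json.dumps({"ok": True, "rows": serve(conn, session, json.loads(body))})
    except (PermissionError, ValueError) as e:
        return json.dumps({"ok": False, "error": str(e)})
    except sqlite3.Error:
        return json.dumps({"ok": False, "error": "database error"})

# The MySQL-side counterpart that SQLite cannot show: the web app's database
# account gets only the statements the named queries need, e.g. (assumed names)
#   GRANT SELECT, INSERT, UPDATE ON app.notes TO 'webapp'@'localhost';
```

With `run_passed_query`, a logged-in visitor who sends `SELECT name, password_hash FROM users` gets every credential hash back, and `DROP TABLE notes` removes the table; with `serve`, a request naming `DROP TABLE notes` is rejected as an unknown query, `note_id: "1 OR 1=1"` fails type validation, a search term of `' OR 1=1 --` is just a literal string that matches nothing, and bob asking for alice's note by id gets an empty result because the owner check is added server-side.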

  • 4 years ago

    frequent rollback saves at the server, like every 3 minutes to an SSD or something???

    Oh look, that database was deleted! for 3 minutes! un-neener.
