[Deji]

g-stylezzz' MySQL plugin uses this in the example:

pawn Код:

#define SQL_HOST "host"
#define SQL_DB "database"
#define SQL_USER "username"
#define SQL_PASS "password"
#define TABLENAME "users"
[...]
mysql_connect(SQL_HOST, SQL_USER,SQL_DB, SQL_PASS);

Is this the safest way to do this? I guess it'd take .amx access to retrieve the information, but I'm still unsure about it.

[JaTochNietDan]

Well, yes it would require .amx access and a de-compiler (even at that I'm not sure it will be able to de-compile that information anyway), but the safest option is to have the MySQL user passworded and only allow local connections, therefore remote connections are not allowed to the MySQL server.

This combination will pretty much block any attempt at getting into the database, unless they manage to somehow get control of your server or get scripts onto your server.

[Deji]

Thanks, I'll keep the local connections thing in mind if I can figure it out (previous databases I've had are already set up to my needs - I just know about creating and maintaining tables) but for now, just knowing this is somewhat secure is good enough... I'll probably only allow testers on until I get a hosted server.