Database Reference
In-Depth Information
that you have some scripts located in your web server's document tree. A properly
configured server executes the scripts and sends their output to remote clients. But if
the server becomes misconfigured somehow, the result can be that it sends your scripts
to clients as plain text, thus displaying your MySQL username and password. (And you'll
probably realize it too late. Oops.) If you place the code for establishing a connection
to the MySQL server in a library file located outside the document tree, those parameters
won't be exposed to clients.
Be aware that if you install a library file to be readable by your web
server, you don't have much security if other developers use the same
server. Any of those developers can write a web script to read and
display your library file because, by default, the script runs with the
permissions of the web server and thus will have access to the library.
The recipes that follow demonstrate how to write, for each API, a library file that con‐
tains a routine for connecting to the
cookbook
database on the MySQL server. The
calling program can use the error-checking techniques discussed in
Recipe 2.2
to de‐
termine whether a connection attempt fails. The connection routine for each language
returns a database handle or connection object when it succeeds or raises an exception
if the connection cannot be established.
Libraries are of no utility in themselves, so the following discussion illustrates each one's
use by a short “test harness” program. To use any of these harness programs as the basis
for creating new programs, make a copy of the file and add your own code between the
connect and disconnect calls.
Library-file writing involves not only the question of what to put in the file but also
subsidiary issues such as where to install the file so it is accessible by your programs,
and (on multiuser systems such as Unix) how to set its access privileges so its contents
aren't exposed to people who shouldn't see it.
Choosing a library-file installation location
If you install a library file in a directory that a language processor searches by default,
programs written in that language need do nothing special to access the library. How‐
ever, if you install a library file in a directory that the language processor does not search
by default, you must tell your scripts how to find it. There are two common ways to do
this:
• Most languages provide a statement that can be used within a script to add direc‐
tories to the language processor search path. This requires that you modify each
script that needs the library.
• You can set an environment or configuration variable that changes the language
processor search path. With this approach, each user who executes scripts that
