On Fri, 31 Oct 2003, Matt Clark wrote:
> I was more thinking that it might be possible to manage the security at a different level than the DB.
>
We do this with users and permissions.
Each virtual host has an apache config include specifying a db user,
pass (and database, although most of them use the same one).
Permissions on the database tables are set so that a given vhost can
only access their own data.
Our setup is mod_perl. Don't know how one would go about doing this with
PHP, but I imagine it has some mechanism for per-vhost variables or
similar.
-j
--
Jamie Lawrence jal@jal.org
"Remember, half-measures can be very effective if all you deal with are
half-wits."
- Chris Klein