Database editors and security
Printed From: Web Wiz Forums
Category: General Discussion
Forum Name: Database Discussion
Forum Description: Discussion and chat on database related topics.
URL: https://forums.webwiz.net/forum_posts.asp?TID=17252
Printed Date: 29 March 2026 at 9:21am
Software Version: Web Wiz Forums 12.08 - https://www.webwizforums.com
Topic: Database editors and security
Posted By: mantey
Subject: Database editors and security
Date Posted: 14 November 2005 at 2:16pm
|
I want to aks some question. I want to be able to edit Database over the browser, but I have some doubts about security of Database Tools, Database and Table editors.
I want to ask, which (free) Database editor is the best and want to know if there is any security risk using some Database editors. Some editors have a very simple login system, where you put the username name and password in the asp page. I am wondering. Is it possible for someone to download a code of the asp page (not the HTML code, but the whole ASP script of certain asp page) via Internet and get the username and password in it. I am a little bit affraid, because if someone can get this, then he/she can mess with my database.
Can somebody answer me?
|
Replies:
Posted By: dpyers
Date Posted: 14 November 2005 at 8:14pm
|
Tools depend upon what type of db you want to edit. - Access, MSSQL, MySQL ? An asp page can't be downloaded, the server will execute anything ending in .asp rather than deliver it for download. Just make sure that you have write permissions turned off in directories where you have your asp scripts. If write permissions are turned on, someone can upload their own asp script and use it to read yours. ------------- 
Lead me not into temptation... I know the short cut, follow me. |
Posted By: mantey
Date Posted: 15 November 2005 at 11:58am
| I am using MS Access Database. Do you have any suggestion which Database editor (ASP script) to use. Which editor is good and safe to use? |
Posted By: theSCIENTIST
Date Posted: 15 November 2005 at 6:39pm
|
Yes, as it was said, .asp pages can't be retrieved just like that, however, as you submit your credentials to the database server for authentication, these can be intercepted in transit, unless you use HTTPS.
I'm also wondering, if Enteprise Manager for MSSQL or Control Panel for MySQL do encript credentials when connecting to remote servers? Anyone? ------------- :: http://www.mylittlehost.com/ - www.mylittlehost.com |
Posted By: dpyers
Date Posted: 15 November 2005 at 7:47pm
|
There's several Access editors available. I've always had MS Access so
never really used any of the 3rd party editors. I do know that a lot of
people like http://www.2enetworx.com/dev/projects/tableeditor.asp - http://www.2enetworx.com/dev/projects/tableeditor.asp -------------
Lead me not into temptation... I know the short cut, follow me. |