so im looking to make a login for a website using PHPmyadmin, im pretty new to the whole SQL PHP thing, i can get the tables setup and everything working for the most part, having some issues getting the session_start(); $DATABASE_HOST = ‘’; $DATABASE_USER = ‘’; $DATABASE_PASS = ‘’; $DATABASE_NAME = ‘’;
part figured out, i know the host is the server IP/location, its the user/pass/database tags im confused about, there is an ANY account on my database admin page that can read data from the databases but is it possible to set it up so that way its an account that only has the ability to read the accounts table? like:
$DATABASE_USER = ‘login’; $DATABASE_PASS = ‘*’; $DATABASE_NAME = ‘Accounts’;
also the database name need to be the name of the database not the table correct? stupid question but just want to be 100% sure i know how some languages can be lol.
also, is it possible to take a users public PGP key, encrypt a random string of text and serve it to them, and have them verify the text with their private key as a way to authenticate identity?
Database name is the database name, not the table name
User is the user for your database. Look up how to create new users in phpmyadmin. You should be able to grant or revoke different accesses in phpmyadmin as well to achieve an account which can only read a specific table (search for information on grants)
Lastly, Id like to suggest you not write your own security techniques (auth, etc). Look up best practices and use them (JWT, OAuth, Session cookies, etc).
Seconding not writing your own security unless this is a learning excercise. That’s the kind of thing you should absolutely do once or twice to be sure you understand it, and then use something that’s had more eyeballs on it for your actual webapp.