Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 145
  • Last Modified:

One or two databases?

The business I am designing a website we are considering making use of php and MySQL to automate some functions.

This business is unit storage and is divided into two departments in two different physical locations a considerable distance away.

We were considering moving from our manual system to one where the storage department can access a html page, login, view available units, and when one is rented send an invoice or a bill depending on how they have it set up.

Regardless I thinking of having two separate databases, one for invoices and bills, and granting both departments read access to both databases, but the ability to write only to their own database.

I had some questions
1. Have I provided enough information to let me know if I'm on the right track with two databases
2. I need some hefty reading on how to securely login to MySQL database from php. Ebooks are preferred. Would SSL affect this situation? I've worked through some books but I feel like I need something dense for it to be secure.
3. What is the best way to automatically and securely backup your databases? I'm guessing you can write some scripts?
4. I never learned SQL commands and I have to build these with that so I need a book to read on that too thanks
0
burnedfaceless
Asked:
burnedfaceless
  • 2
1 Solution
 
meb_santosoCommented:
Let's put all the technical stuffs aside for a minute:
-. have you considered to just place the whole system online so that the two departments can work on single db (or single set of db)?
-. It will save you development and deployment time, costs --and maintenance.

On your questions:
1. See above
2. Depends on your setup and/or deploment scenario. SSL will secure the transaction / data interchange between the client(s) and the server; i think it should also secure server to server connection.
3. Depends on your setup (again); on a *nux based server, you can make use of the cron command (google it, it's easy!). The easiest would be a daily backup of the whole database and/or system (html / php files as well) and let it transferred to some off-site location. Yes, scripts are available, but if you use cPanel for your web control panel, it's easier :-) *your mileage and preferences may vary*
4. Oh boy....
0
 
Ray PaseurCommented:
You probably need to get professional help from a web development company.  There are (at least) a couple of years of college between these questions and the best-practices answers.  With all the storage businesses that exists today, you may be able to find software that is already built; you can license something and get started immediately.  But you may find that this is PC software and not web enabled.

To handle the login portion, you can follow the design patterns here:
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_2391-PHP-login-logout-and-easy-access-control.html

You probably want to use ONE database.  More databases for something like this means more headaches.  Just learn about the "normalization" process and have a DBA help you organize your tables before you start.

SSL will help keep data secure during internet transmission, but the more likely security exposure will occur when a careless employee leaves a logged-in computer or accidentally loses a laptop.  Or when a programming error exposes data inappropriately.  Security is a full-time, four year college major at the University of Maryland.  You may want to join OWASP to learn more.

Automatic and secure backups can be arranged by your hosting provider. Consider cloud-based hosting or a highly professional host like Blackmesh.

The MySQL manual is all online, as is the PHP manual.  
http://dev.mysql.com/
http://php.net/docs.php
0
 
burnedfacelessAuthor Commented:
Thanks
0
 
Ray PaseurCommented:
Thanks for the points and thanks for using E-E, and best of luck with your project. ~Ray
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now