I need to put a batch file I’ve designed on a number of clients computers which automatically connects to my web-server, activate a php file, and download a CSV of their newly joined members for import.
The problem is, this batch must contain the username and password to my server, which is obviously a terrible security risk, especially with personal details contained within the same mysql database.
Is it possible to completely secure batch files so that they cannot be edited/read (Or enough to stand up legally) or can anyone suggest a more secure way for me to implement this?
Many thanks in advance,
Ian
If you have to do this via FTP and a batch file, then create another account for your downloads. Look up chroot as a method to restrict what can be downloaded.
You should not be using the same password for FTP and MySQL.
Best way of doing this would be to use something other than a batch file to download the csv; a simple application in another language would allow the user to enter individual account details, which would allow you to control access properly.
EDIT:
Create a CSV File for a user in PHP
What’s the simplest way to call Http POST url using Delphi?
Downloading a file with HTTP in Delphi