Welcome, Guest ( Customer Panel | Login )




 All Forums
 VPCart Forum
 General help me questions
 Access/MySQL and my lack of knowledge
 New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

dwight
VP-CART New User

USA
143 Posts

Posted - September 07 2006 :  06:11:30  Show Profile  Reply with Quote
I decided to switch from Access (current configuration) database to MySQL. My website is partially developed. with that in mind would it be better to just reload VPASP (packaged with options) with the newest updates and start from scratch. I am guessing this will eliminate any potential for bugs when switching from Access to MySQL.
From viewing the user forum it seem that there are issues in using MYSQL and also when swithcing from Access to MySQL. I didn't have any issues when working with Access and I am only swithching because many users agree that MYSQL is safer from hackers.
To show complete lack of intelligence if my webhost provides 5000MB of disk space and 100MB of MySQL database what are they each supposed to be used for. Are the images still kept on the disk space and what would be kept in the MySQL databse.
Sorry to ask the last question but if a payment gateway and merchant account is used and your customer accounts are stored there, why would a hacker attack your site other than to slow it down or steal images. Sorry for the silly questions I more of a "can get it to work person" and now trying to understand.
thanks in advance
dwight

gupster
VP-CART New User

101 Posts

Posted - September 07 2006 :  06:22:35  Show Profile  Visit gupster's Homepage  Reply with Quote
I havent switched from access to mysql before but if you havent added many products to access i would also just start from fresh. Like you said less to go wrong then.

The images will be stored on the disk space. Basically the mysql space is just for "text" as in all the text for products, descritpions and text that tells vpasp what catergory the products are in and other bits like product features etc Anything you "type" into vpasp will be stored in the database.

Your site should not keep any records of customer cedit cards but some peoples sites will even though you shouldnt. The hackers will not know this so will try hacking a sites with low security. If they were to get into your database looking for credit card numbers and found that you didnt keep them what would stop them deleting your whole database?? Remember hackers are scum of the earth!!

I think im 99.9% correct in this please let me know if anyone spots anything wrong

I hope this helps.

Cheers,



www.reactionclubwear.co.uk
www.reactionclothing.co.uk
www.reactionlingerie.co.uk
www.reactionvision.co.uk
Go to Top of Page

devshb
Senior Member

United Kingdom
1904 Posts

Posted - September 07 2006 :  06:30:12  Show Profile  Visit devshb's Homepage  Reply with Quote
I agree with all the points above; we did an access to mysql conversion once, and it wasn't much fun at all; lots of problems related to the character sets being different between access/microsoft and mysql/unix/linux.

a conversion of the data can be done, but it'd probably be quicker/easier for you to just start afresh (unless you've got a large number of products/categories/customers etc, in which case it'd be worth the hassle/effort/money of a full-blown conversion process)

having said that, if security is the only reason you're thinking of switching to mysql, then I wouldn't bother. Instead just make sure your access database file is held in a non-browsable directory (ie totally outside the wwwroot area), and then it should be just as secure as any other database type.

remember that if a hacker manages to get into your vpasp admin area, then they can do pretty much anything, and the security of the database itself would become irrelevant at that point. so securing your vpasp admin area is just as important (if not more so) as securing the database itself.

adding secondary passwords in admin, and moving the access file outside wwwroot; those are the 2 most important things. the 3rd thing would be to not hold card numbers/details on your database, as per the previous reply. we (and vpasp) advise to use a gateway to process the card details; with my merchant hat on I'd always want to simply pass all the liability onto the gateway provider.

ps you're not showing a lack of intelligence, just a small gap in some quite specific techie knowledge. I remember the days when I didn't know the difference between email and web-browsing back in the early internet days; it's just about what you've personally had experience with and has nothing to do with how intelligent you are.



Simon Barnaby
Developer
[email protected]
www.BigYellowZone.com
Web Design, Online Marketing and VPASP addons

Edited by - devshb on September 07 2006 06:44:05
Go to Top of Page

dwight
VP-CART New User

USA
143 Posts

Posted - September 07 2006 :  07:03:10  Show Profile  Reply with Quote
I really appreceiate your response. when you say"...and moving the access file outside wwwroot;" what would does that mean. For one where is the access file normally kept and how would I identify it so that i can move it(what file type is it etc...). Please give an example as to what outside the WWWroot means or how you would do this.
Thanks in advance
Dwight
Go to Top of Page

devshb
Senior Member

United Kingdom
1904 Posts

Posted - September 07 2006 :  07:08:39  Show Profile  Visit devshb's Homepage  Reply with Quote
if you have ftp access, then normally your site structure would look something like this:

mydomain (absolutely everything; even log files etc)
mydomain/log (log files, just used for internal reporting which your host might give you
mydomain/private (secure files that you don't want people to ever be able to directly link to, such as paid-download files)
or:
mydomain/db (secure database files that you don't want people to ever be able to directly link to)
mydomain/wwwroot (everything that's publicly available on your "mydomain.com" url when browsing)

the "mydomain/wwwroot" physical directory relates to "mydomain.com" on your browser.

so, you'd need to make sure that your access database file (eg "shopping600.mdb") isn't in the wwwroot area; instead it should be in mydomain/db or mydomain/private, and then you'd change your shop$config.asp file to point to, say, "../private" for the dblocation.

if moving your database, I've also found that you should change your xshopid value in shop$config.asp so that it picks up the new location when you next browse the site.

if you get errors after moving it, it'll probably be a permissions error on the db or private directory, in which case your host would need to correct the permissions.

Simon Barnaby
Developer
[email protected]
www.BigYellowZone.com
Web Design, Online Marketing and VPASP addons

Edited by - devshb on September 07 2006 07:13:01
Go to Top of Page

dwight
VP-CART New User

USA
143 Posts

Posted - September 07 2006 :  07:16:25  Show Profile  Reply with Quote
I really appreciate the quick response and the excellent help available in this forum. It really is an invaluable part of the VPASP shopping cart.
Go to Top of Page

jubjub
VP-CART New User

110 Posts

Posted - September 07 2006 :  09:32:49  Show Profile  Reply with Quote
Considering even an Access to SQL Server migration isn't always clean either and they're both Microsoft products. So yeah, Access to MySQL can be quite complex and frustrating.
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Snitz Forums 2000
0 Item(s)
$0.00