allow s you t o prepare only one st at em ent at a t im e, unlike DBI and JDBC, which support m ult iple sim ult aneous prepared st at em ent s. Should you require such funct ionalit y, you m ight consider how t o reim plem ent MySQL_Access t o provide it .

2.11 Ways of Obtaining Connection Parameters

2.11.1 Problem

You need t o obt ain connect ion param et ers for a script so t hat it can connect t o a MySQL server.

2.11.2 Solution

There are lot s of ways t o do t his. Take your pick.

2.11.3 Discussion

Any program t hat connect s t o MySQL needs t o specify connect ion param et ers such as t he usernam e, password, and host nam e. The recipes shown so far have put connect ion param et ers direct ly int o t he code t hat at t em pt s t o est ablish t he connect ion, but t hat is not t he only way for your program s t o obt ain t he param et ers. This sect ion briefly surveys som e m et hods you can use, t hen shows how t o im plem ent t wo of t hem . • H a r dw ir e t h e pa r a m e t e r s in t o t h e pr ogr a m . The param et ers can be given eit her in t he m ain source file or in a library file t hat is used by t he program . This is convenient because users need not ent er t he values t hem selves. The flip side, of course, is t hat it s not very flexible. To change t he param et ers, you m ust m odify your program . • Ask for t h e pa r a m e t e r s in t e r a ct ive ly. I n a com m and- line environm ent , you can ask t he user a series of quest ions. I n a web or GUI environm ent , t his m ight be done by present ing a form or dialog. Eit her way, t his get s t o be t edious for people who use t he program frequent ly, due t o t he need t o ent er t he param et ers each t im e. • Ge t t h e pa r a m e t e r s fr om t h e com m a n d lin e . This m et hod can be used eit her for com m ands t hat you run int eract ively or t hat are run from wit hin a script . Like t he m et hod of obt aining param et ers int eract ively, t his requires you t o supply param et ers each t im e you use MySQL, and can be sim ilarly t iresom e. A fact or t hat significant ly m it igat es t his burden is t hat m any shells allow you t o recall com m ands from your hist ory list for reexecut ion. • Ge t t h e pa r a m e t e r s fr om t h e e x e cu t ion e n vir on m e n t . The m ost com m on way of using t his m et hod is t o set t he appropriat e environm ent variables in one of your shells st art up files such as .cshrc for csh; .t cshrc for t csh; or .profile for sh, bash, and ksh . Program s t hat you run during your login session t hen can get param et er values by exam ining t heir environm ent . • Ge t t h e pa r a m e t e r s fr om a se pa r a t e file . Wit h t his m et hod, you st ore inform at ion such as t he usernam e and password in a file t hat program s can read before connect ing t o t he MySQL server. Reading param et ers from a file t hat s separat e from your program gives you t he benefit of not having t o ent er t hem each t im e you use t he program , while allowing you t o avoid hardwiring t he values int o t he program it self. This is especially convenient for int eract ive program s, because t hen you need not ent er param et ers each t im e you run t he program . Also, st oring t he values in a file allows you t o cent ralize param et ers for use by m ult iple program s, and you can use t he file access m ode for securit y purposes. For exam ple, you can keep ot her users from reading t he file by set t ing it s m ode t o allow access only t o yourself. The MySQL client library it self support s an opt ion file m echanism , alt hough not all API s provide access t o it . For t hose t hat dont , workarounds m ay exist . As an exam ple, Java support s t he use of propert ies files and supplies ut ilit y rout ines for reading t hem . • Use a com bin a t ion of m e t h ods. I t s oft en useful t o com bine som e of t he preceding m et hods, t o afford users t he opt ion of providing param et ers different ways. For exam ple, MySQL client s such as m ysql and m ysqladm in look for opt ion files in several locat ions and read any t hat are present . Then t hey check t he com m and- line argum ent s for furt her param et ers. This allows users t o specify connect ion param et ers in an opt ion file or on t he com m and line. These m et hods of obt aining connect ion param et ers do involve som e securit y issues. Briefly sum m arized, t hese issues are: • Any m et hod t hat st ores connect ion param et ers in a file m ay result in com prom ise unless t he file is prot ect ed against read access by unaut horized users. This is t rue whet her param et ers are st ored in a source file, an opt ion file, or a script t hat invokes a com m and and specifies t he param et ers on t he com m and line. Web script s t hat can be read only by t he web server dont qualify as secure if ot her users have adm inist rat ive access t o t he server. • Param et ers specified on t he com m and line or in environm ent variables are not part icularly secure. While a program is execut ing, it s com m and- line argum ent s and environm ent m ay be visible t o ot her users who run process st at us com m ands such as ps -e. I n part icular, st oring t he password in an environm ent variable perhaps is best lim it ed t o use in sit uat ions where youre t he only user on t he m achine or you t rust all ot her users. The rest of t his sect ion shows how t o process com m and- line argum ent s t o get connect ion param et ers, and how t o read param et ers from opt ion files.

2.11.4 Getting Parameters from the Command Line