This topic is 7085 days old. Please don't post here. Open a new topic instead.

Recommended Posts

Posted

OK, I have a database called company which stores information about the companies we deal with.

I already have certain sections of our database shared onto the Internet, but not this company information file.

The way I've always done this is to use the PHP include() function:

include("http://web.domain.org:591/FMPro?-DB...");

I use the Web Security database, and I have FileMaker Unlimited 5 (not 5.5 or 6) running on a Windows box.

In the Web Security database this database has browse permissions.



Could someone download all my data?

I've written CDML code in all my format files so that only the IP address of the PHP server performing the include can access:

[FMP-If: ClientIP .eq. 123.456.789.012]
more cdml code here
[/FMP-If]

1) I heard there was a vulnerability in the XML support in later versions of the Web Companion which could allow people to gain access to the data. Is this the case with FMU 5?



Most of the security of doing this lies in the fact that people won't know we use FileMaker, as there's no trace in our source code.

2) Are there any other steps I can take to ensure that people can't get at data I don't want them to?

3) In my Web Security database, I've set all users' permissions to browse.

So in theory, if someone knew the location of our FileMaker web server, they could construct a CDML query to return all the data.

Though we have no format files that would let them do that, as they're all restricted by IP address - is there a way they could get round this?

Say for example I have 'all users' set to 'browse' for this database in the Web Security database.

4) If there are no CDML format files in the Web directory, can they still access the data?

Surely if there are no format files, they can't.

5) So the same should be true if I test the IP address on the format files, and only allow the IP address of our ISP's web server?



I could add username/password security to my Web Security database.

Then in my PHP include I do this:

include("http://username:password@web.domain.org:591/FMPro?-DB=..");

And only allow browse permissions for that username/password combination.

6) Would this add an extra level of security?

7) I assume there's no way for people to try and get at my username and password if it's stored in my PHP source code?

Otherwise I guess people would be able to get hold of MySQL usernames and passwords which are usually held in the PHP source code.

As far as I can think of, implementing all those steps ensures that CDML queries can only be run from our ISP's web server, and only if they know the username/password.

Anything else I could do?

Thanks

Ben
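The following is an added example, not code from the post above, showing how the PHP side of this setup can fetch the Web Companion output without the two weaknesses of include("http://..."): PHP parses whatever a remote include returns as PHP source, so the FileMaker host (or anything that can answer in its place) gets to run code on the PHP server, and credentials embedded in the URL are written to the web server's access log and to any proxy in between. Here the credentials are sent as an HTTP Basic auth header, read from a file outside the document root, and the response is treated as text. The ClientIP check in the format file still applies, because the request still comes from the PHP server. The curl extension, the credentials file path, the database file name and the format file name are all assumptions.

```php
<?php
// Added example (not from the original post). Assumes the PHP curl
// extension is loaded; the file name, format file and credentials path
// below are hypothetical placeholders.

define('FMPRO_BASE', 'http://web.domain.org:591/FMPro');
define('FMPRO_CREDENTIALS', '/home/ben/private/fmpro.ini'); // hypothetical, outside the document root

// Reads "user=..." and "pass=..." from an ini file the web server process can
// read but which is not under the document root, so it can never be served.
function fmpro_credentials($path)
{
    $cfg = parse_ini_file($path);
    if ($cfg === false || !isset($cfg['user'], $cfg['pass'])) {
        return false;
    }
    return array($cfg['user'], $cfg['pass']);
}

// Builds the CDML query string from an array so that any value (a search
// term, a record id) is URL-encoded rather than spliced into the URL by hand.
// A key with an empty value is emitted bare, as Web Companion actions such
// as -findall expect.
function fmpro_url($base, $params)
{
    $pairs = array();
    foreach ($params as $key => $value) {
        $pairs[] = ($value === '') ? $key : $key . '=' . rawurlencode($value);
    }
    return $base . '?' . implode('&', $pairs);
}

// Performs the request with HTTP Basic auth (curl's default when a
// user:pass is set) and returns the body, or false on any failure
// (timeout, connection refused, non-200 status such as 401 from the
// Web Security database). Redirects are not followed, so a reply from
// another host can never be pulled into the page.
function fmpro_fetch($url, $user, $pass)
{
    $ch = curl_init($url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_USERPWD, $user . ':' . $pass);
    curl_setopt($ch, CURLOPT_TIMEOUT, 10);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
    $body = curl_exec($ch);
    $status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);
    if ($body === false || $status !== 200) {
        return false;
    }
    return $body;
}

$creds = fmpro_credentials(FMPRO_CREDENTIALS);
if ($creds === false) {
    die('company listing unavailable');
}
list($user, $pass) = $creds;

$url = fmpro_url(FMPRO_BASE, array(
    '-db'      => 'company.fp5',  // assumed database file name
    '-format'  => 'list.html',    // assumed format file restricted by ClientIP
    '-findall' => '',
));

$html = fmpro_fetch($url, $user, $pass);
if ($html === false) {
    die('company listing unavailable');
}

// The format file's output is emitted as text; nothing in it is executed by PHP.
echo $html;
```

Two points on the credentials file: it has to be readable by the account the PHP scripts run as, and on a shared ISP host other customers' scripts may run as that same account, so ask the ISP what isolation they provide before relying on file permissions alone. Keeping the username and password out of the URL also keeps them out of the Web Companion and PHP server access logs, which is where a URL-embedded password would otherwise be recorded on every request.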
