Securing SQLite Databases with the Authorizer
Learn about the SQLite database and how we can secure our database by providing the authorizer to it.
Many PHP developers prefer to use SQLite as their database engine rather than a separate database server such as PostgreSQL, MySQL, Oracle, or MongoDB. The reasons for using SQLite are many, but often come down to the following:
SQLite is a file-based database: We don’t have to install a separate database server.
It’s easy to distribute: The only requirement is that the target server needs to have the SQLite executable installed.
SQLite is lightweight: Since there’s no constantly running server, it takes fewer resources.
That said, the downside is that it’s not very scalable. If we have a fairly substantial amount of data to deal with, it’s probably better to install a more powerful database server. The other potentially major drawback is that SQLite has no security, which is covered in the next section.
Is there no security?
Yes, you heard correctly: by default, by its very design, SQLite has no security. That, of course, is the reason many developers like to use it: having no security makes it super easy to work with!
Here’s a sample block of code that connects to an SQLite database and conducts a simple query of the geonames
table. It returns a list of cities in India where the population is greater than two million:
Get hands-on with 1400+ tech skills courses.