I have a CMS system which I want to distribute to users around the internet. All the data for the CMS system is stored on a single central database, which each individual site will have to access.
I would like a system by which a single PHP file (which accesses the database and produces the output) can be accessed securely by all the sites using the CMS, so that an individual user couldn't hack it and get direct access to the database. I need to be able to pass POST variables, GET variables and a single ID variable (to uniquely distinguish each site) to the script, but nothing else.
I think this is pretty straightforward, but I need to be convinced that it will be secure.