Board index   FAQ   Search  
Register  Login
Board index php forum :: Database mySQL & php coding

?Put connection data where users can't access it directly?

Codes here !

Moderators: macek, egami, gesf

?Put connection data where users can't access it directly?

Postby azw » Fri Nov 01, 2002 11:13 pm

Hi,

In several PHP pages I use the same lines to set up a connection to a mySQL database.

// set variables for database
$Host = "localhost";
$User = "xxx";
$Password = "yyy";
$DBName = "zzz";
$TableName = "aaa";

I'd rather put this somewhere besides in a php file, since it contains my username and password.

Is it possible to use an option file with a php file? It looks to me as though option files are only usable with the command line or batch scripts.

It would be possible to put these in a php file and then call it with the php require function. That'd be okay if I could place this above (or maybe it's below?) my home directory. Unfortunately, with Discount-Hosting I don't have access to anything higher than my home directory. Am I right in assuming that this kills that method?

Any other ideas on how to do this?

Thanks!
Art
azw
New php-forum User
New php-forum User
 
Posts: 41
Joined: Fri Oct 11, 2002 9:13 pm

Postby DoppyNL » Sat Nov 02, 2002 12:25 am

You can use the function include to include other files in your script. If you want to terminate processing when the file is not available you can use require.
Put the login information in another file and include that in all the files you need your database.
give that file the extention .php, that way your password will not be exposed when someone finds that file.

Greetz Daan
DoppyNL
 

Postby Jay » Sat Nov 02, 2002 2:36 am

Why would you want to do that? No-one except anyone with direct FTP access can view anything stored in your PHP file, because it gets parsed if called via HTTP. I don't see what you stand to gain.
Jay
 

Postby DoppyNL » Sat Nov 02, 2002 2:40 am

azw wanted his database-login-code to be in only one file instead of multiple files.
It's very simple to include a login.php script for your database in all those files, then when your database settings change, you only have to change one file.
You need to call it .php so it gets parsed, rather then displayed.

Greetz Daan
DoppyNL
 

Postby Jay » Sat Nov 02, 2002 3:14 am

OIC, it was this that got me "I'd rather put this somewhere besides in a php file, since it contains my username and password.", I thought he was on about security!
Jay
 

Postby azw » Sat Nov 02, 2002 8:16 am

Hi,

You're both right. I was concerned with both security and ease of change. Once again, I appreciate your help!

If I don't have to worry about just putting them in the xxx.php file, I can do that.

Thanks!

Art
azw
New php-forum User
New php-forum User
 
Posts: 41
Joined: Fri Oct 11, 2002 9:13 pm


Return to mySQL & php coding

Who is online

Users browsing this forum: No registered users and 2 guests

Sponsored by Sitebuilder Web hosting and Traduzioni Italiano Rumeno and antispam for cPanel.

cron