Code: Select all
// establish link to db
$link = mysql_connect("mysql.hostname.com", "username", "password") or die("Could not connect: " . mysql_error());
Usually, I don't have problems, however, occasionally, something is going on with my webhost service, and the MySQL db isn't working. As a result, rather than getting a normal page back, sans db results, I get the following:
Warning: mysql_connect(): Access denied for user: 'username' (Using password: YES) in E:\webspace\resadmin\domainname.com\domainname.com\www\sitenamefolder\index.php on line 38
Could not connect: Access denied for user: 'username' (Using password: YES)
Of course, I'm putting in dummy names for the username, password, and even domain (in this post...to be safe). But the actual output is providing significant real info, such as the real user name, and even a directory of where my webdocuments are being served up.
I imagine this is a huge security risk for me. How should I avoid this? Is it just a matter of taking the or die() code out?
Thanks in advance!