Jump to content

Recommended Posts

By secure I don't mean military level security, just general security...

 

This is what I currently insert at the top of my PHP scripts:

 

$server="server";
$user="username";
$pass="password";
$connect=mysql_connect($server,$user,$pass);
mysql_select_db("database");

 

Is this secure enough? Should I ought to use a different method?

Link to comment
https://forums.phpfreaks.com/topic/173605-secure-database-connection/
Share on other sites

I'm no expert, but I believe you need to send the connection info in clear text, so I think that trying to encrypt the password would be useless - you would have to include the functionality to unecrypt it in the script anyway. So, if someone had access to the config settings, they would also have access to the manner to unencrypt it.

 

The best solution I cna think of is to NOT include the code with the database connection info within the webroot directory or sub directories. Put it in a directory not accessible via the web. Take a look at this tutorial: http://www.phpfreaks.com/tutorial/php-security/page1

The best solution I cna think of is to NOT include the code with the database connection info within the webroot directory or sub directories. Put it in a directory not accessible via the web. Take a look at this tutorial: http://www.phpfreaks.com/tutorial/php-security/page1

 

True, anything thats included can be outside browser viewing areas, you never need to view it directly anyways

 

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.