SchweppesAle Posted January 31, 2010 Share Posted January 31, 2010 Hi, i have the following variables which I've stored within a config class. I'm using a function to return said data, however I was wondering if there's a better/safer way of doing this. Example: if a hacker managed to slip a file within the apache server. What's to stop him from also including this file then creating an object which returns our database config? Is there anyway to avoid this? class BConfig { private $database = 'CMS'; private $username = 'someusername'; private $password = 'apassword'; public function getDatabaseConfig() { $configuration = array( 'database' => $this->database, 'username' => $this->username, 'password' => $this->password ); return $configuration; } } Link to comment https://forums.phpfreaks.com/topic/190473-how-to-properly-encapsulate-sensitive-data/ Share on other sites More sharing options...
PHP Monkeh Posted January 31, 2010 Share Posted January 31, 2010 Apart from encoding all your files, there's nothing stopping them. Though if a hacker managed to 'slip a file within the apache server' they will probably just be able to open up your file anyway. If someone managed to get access to your server, your database config details are the last thing you really need to worry about Link to comment https://forums.phpfreaks.com/topic/190473-how-to-properly-encapsulate-sensitive-data/#findComment-1004712 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.