Jump to content

Encrypting password in mysqli connection


PigsHidePies

Recommended Posts

I was wondering if there was a way to either hide or encrypt the password in a connection request to a mysql database. I am using:
@ $db=new mysqli('localhost', 'username', 'password', 'database');

This doesnt seem like a good idea to me to have a plaintext password hardcoded into the script. Any alternatives are appreciated. thanks
Link to comment
Share on other sites

one way i like to do it is have my variables set in another file. for instance, i'll have something like this:
[code]
<?php
// inc.config.php
$dbConn = array(
  'user' => 'username',
  'pass' => 'password',
  'name' => 'database',
  'host' => 'localhost'
);
?>
[/code]

then, just require your config file and use the variables in your connection string:
[code]
<?php
require('inc.config.php');
$conn = mysql_connect($dbConn['host'], $dbConn['user'], $dbConn['pass']);
if (!$conn) {
  die("Couldn't connect to database!");
}
mysql_select_db($dbConn['name'], $conn);
?>
[/code]

this way, if you're concerned about security, you could even have this file below your web root to restrict web access and include from there.

hope this helps.
Link to comment
Share on other sites

anything you do is going to require you to put your password hardcoded SOMEWHERE, so to me, the method i mentioned above is about the best you're going to get. if someone were to hack your server and have access to the containing file, most likely they'll be able to get to your database without looking at that file anyway, so by that point, it doesn't much matter ;)
Link to comment
Share on other sites

[quote author=PigsHidePies link=topic=107270.msg430146#msg430146 date=1157661843]
makes sense, thanks for your help, obsidian.
[/quote]

no problem. keep checking back, because some of the other guys may have some more input on this that i haven't considered in this post.
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.