php_guest Posted July 25, 2010 Share Posted July 25, 2010 I have DB password and other important information stored in settings.php. I will put settings.php outside public directory. But what I am not sure about is that I use to require_once settings.php into every page (index.php, users.php, profile.php, login.php, ...). Is that safe? I was thinking that if somebody came into any single main file, he will find out where I store setttings. If this file wouldn't be included in this way, than this won't be happen in any file. So for example file users.php starts like this: require_once(thePathName/settings.php'); checkLogIn(1); require_once $_SERVER['DOCUMENT_ROOT'].'/languages/lang_'.$language.'.php'; ... Link to comment https://forums.phpfreaks.com/topic/208863-how-to-store-main-settingsphp-file-to-be-safe/ Share on other sites More sharing options...
PFMaBiSmAd Posted July 25, 2010 Share Posted July 25, 2010 if somebody came into any single main file If someone has direct access to one of your files, they have access to all of them and it does not matter where you put your included files. Is that safe? What makes you think php including files it needs is not safe? There are 10's of millions of php based web sites including files now. Link to comment https://forums.phpfreaks.com/topic/208863-how-to-store-main-settingsphp-file-to-be-safe/#findComment-1091016 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.