Jump to content


Photo

Newbie security concern Re: Database Connection Parameters


  • Please log in to reply
2 replies to this topic

#1 bluwe

bluwe
  • Members
  • PipPipPip
  • Advanced Member
  • 33 posts

Posted 11 October 2006 - 10:01 PM

Hiya,

I'm just getting started in php/MySQL and I've noticed that to open a connection to your database in order to pass SQL statements to it you need to specify a username and password within the php code... Basically I'm worried about the security of having these credentials in a page on a public server. Am I right in saying that only the web server sees this information because it's inside php tags?

Please forgive the stupid question!

Cheers

#2 fenway

fenway
  • Staff Alumni
  • MySQL Si-Fu / PHP Resident Alien
  • 16,199 posts
  • LocationToronto, ON

Posted 11 October 2006 - 10:50 PM

Assuming you've set up your web host properly, any .php file will be automatically executed, and thus never world-readable.  So yes.
Seriously... if people don't start reading this before posting, I'm going to consider not answering at all.

#3 bluwe

bluwe
  • Members
  • PipPipPip
  • Advanced Member
  • 33 posts

Posted 12 October 2006 - 09:11 AM

Thanks, Fenway.  :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users