encryption?

[pouncer]

[code=php:0]
function Connect() {
@mysql_connect("localhost", "myusername", "password") or
die("Could not establish connection to the MySQL server <br /> " . mysql_error());

@mysql_select_db("mydbname") or
die("Could not select the database <br />" . mysql_error());
}
[/code]

how can i encrypt my username and pass, so when i have the file open in dreamweaver no-one can see my real username/pass

[trq]

You cant really. Not without using something like [url=http://www.zend.com/products/zend_guard]Zend guard[/url].

[pouncer]

isnt there any encrypt() or decrypt() functions so i can do

@mysql_connect("localhost", decrypt(hfdhdhgdh), decrypt(hdgdghdghg))
thats what i mean

[trq]

Still, you going to need to set these variables somewhere.

[Orio]

If you just dont want anyone to see the password directly, you can use very simple functions like [url=http://www.php.net/str-rot13]str_rot13()[/url] or [url=http://www.php.net/str-rev]str_rev()[/url].
If you are looking for a much more heavy encryption, you should look into the [url=http://www.php.net/mycrypt]Mycrypt[/url] functions.

Orio.

[pouncer]

yeah but those encrypt the string.

how can i possibly put an encrypted string as a username or a pass for the mysql_connect string.

e.g

function myencryptfunctino() { }

function mydecryptfunction() { }

so what i would do is encrypt my password by doing

echo myencryptfunction("whatever");

then id use mydecryptfunction(..whatever it echod above..);

like that! but hs anyone got any simple functions like that?

[Orio]

That's what I meant :) You can use the following function for an example- it's encryption and decryption is the same thing, so if you want to encrypt you use it and when you want to decrypt you use it.

[code]function code($str)
{
return strrev(str_rot13($str);
}[/code]

Orio.

[pouncer]

ah ok! i see!

thanks.

[pouncer]

hmm problem.

if my username is 'eric'

str_rot13("eric") gives me revp

i cant get back to 'eric' from revp

[oracle259]

This still doesnt solve the undelying problem as thorpe said [quote] Still, you going to need to set these variables somewhere.[/quote]

[pouncer]

i just want to set my username/password as some jubled up characters so no-one can get my password that easily..

[Psycho]

[quote author=pouncer link=topic=114398.msg465549#msg465549 date=1163099029]
i just want to set my username/password as some jubled up characters so no-one can get my password that easily..
[/quote]

But, whatever method you use to decrypt the password would be obvious to anyone looking at the file! All they would have to do is run the process that you are using to decrypt the password and echo it to the page.

The best advice I could give would be to put the username & password is a single page as variables and have any page needing those values include it. Then just don't let anyone see/open the page with the username/password variables.

[Orio]

[quote author=pouncer link=topic=114398.msg465543#msg465543 date=1163098012]
hmm problem.

if my username is 'eric'

str_rot13("eric") gives me revp

i cant get back to 'eric' from revp
[/quote]
str_rot13("repv") gives you eric :)

Orio.

[oracle259]

I think mjdamato has it right its much safer to store the user and password variables in a separate file eg. source.ini.php then upload this file outside of web browser path. When u need them just include the file. But i guess u can also combine what ur doing with this approach but i dont see what extra security values it provides...well maybe to someone who might not know what their looking at. Doubt it but stranger things have happened  ;)