pouncer Posted November 9, 2006 Share Posted November 9, 2006 [code=php:0] function Connect() { @mysql_connect("localhost", "myusername", "password") or die("Could not establish connection to the MySQL server <br /> " . mysql_error()); @mysql_select_db("mydbname") or die("Could not select the database <br />" . mysql_error()); }[/code]how can i encrypt my username and pass, so when i have the file open in dreamweaver no-one can see my real username/pass Quote Link to comment Share on other sites More sharing options...
trq Posted November 9, 2006 Share Posted November 9, 2006 You cant really. Not without using something like [url=http://www.zend.com/products/zend_guard]Zend guard[/url]. Quote Link to comment Share on other sites More sharing options...
pouncer Posted November 9, 2006 Author Share Posted November 9, 2006 isnt there any encrypt() or decrypt() functions so i can do@mysql_connect("localhost", decrypt(hfdhdhgdh), decrypt(hdgdghdghg))thats what i mean Quote Link to comment Share on other sites More sharing options...
trq Posted November 9, 2006 Share Posted November 9, 2006 Still, you going to need to set these variables somewhere. Quote Link to comment Share on other sites More sharing options...
Orio Posted November 9, 2006 Share Posted November 9, 2006 If you just dont want anyone to see the password directly, you can use very simple functions like [url=http://www.php.net/str-rot13]str_rot13()[/url] or [url=http://www.php.net/str-rev]str_rev()[/url].If you are looking for a much more heavy encryption, you should look into the [url=http://www.php.net/mycrypt]Mycrypt[/url] functions.Orio. Quote Link to comment Share on other sites More sharing options...
pouncer Posted November 9, 2006 Author Share Posted November 9, 2006 yeah but those encrypt the string.how can i possibly put an encrypted string as a username or a pass for the mysql_connect string.e.gfunction myencryptfunctino() { }function mydecryptfunction() { }so what i would do is encrypt my password by doing echo myencryptfunction("whatever");then id use mydecryptfunction(..whatever it echod above..);like that! but hs anyone got any simple functions like that? Quote Link to comment Share on other sites More sharing options...
Orio Posted November 9, 2006 Share Posted November 9, 2006 That's what I meant :) You can use the following function for an example- it's encryption and decryption is the same thing, so if you want to encrypt you use it and when you want to decrypt you use it.[code]function code($str){return strrev(str_rot13($str);}[/code]Orio. Quote Link to comment Share on other sites More sharing options...
pouncer Posted November 9, 2006 Author Share Posted November 9, 2006 ah ok! i see!thanks. Quote Link to comment Share on other sites More sharing options...
pouncer Posted November 9, 2006 Author Share Posted November 9, 2006 hmm problem. if my username is 'eric'str_rot13("eric") gives me revpi cant get back to 'eric' from revp Quote Link to comment Share on other sites More sharing options...
oracle259 Posted November 9, 2006 Share Posted November 9, 2006 This still doesnt solve the undelying problem as thorpe said [quote] Still, you going to need to set these variables somewhere.[/quote] Quote Link to comment Share on other sites More sharing options...
pouncer Posted November 9, 2006 Author Share Posted November 9, 2006 i just want to set my username/password as some jubled up characters so no-one can get my password that easily.. Quote Link to comment Share on other sites More sharing options...
Psycho Posted November 9, 2006 Share Posted November 9, 2006 [quote author=pouncer link=topic=114398.msg465549#msg465549 date=1163099029]i just want to set my username/password as some jubled up characters so no-one can get my password that easily..[/quote]But, whatever method you use to decrypt the password would be obvious to anyone looking at the file! All they would have to do is run the process that you are using to decrypt the password and echo it to the page.The best advice I could give would be to put the username & password is a single page as variables and have any page needing those values include it. Then just don't let anyone see/open the page with the username/password variables. Quote Link to comment Share on other sites More sharing options...
Orio Posted November 9, 2006 Share Posted November 9, 2006 [quote author=pouncer link=topic=114398.msg465543#msg465543 date=1163098012]hmm problem. if my username is 'eric'str_rot13("eric") gives me revpi cant get back to 'eric' from revp [/quote]str_rot13("repv") gives you eric :)Orio. Quote Link to comment Share on other sites More sharing options...
oracle259 Posted November 10, 2006 Share Posted November 10, 2006 I think mjdamato has it right its much safer to store the user and password variables in a separate file eg. source.ini.php then upload this file outside of web browser path. When u need them just include the file. But i guess u can also combine what ur doing with this approach but i dont see what extra security values it provides...well maybe to someone who might not know what their looking at. Doubt it but stranger things have happened ;) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.