Jump to content

Recommended Posts

Hey all,

I'm sure this is a really basic question but I'd like a definite answer.  I've been watching a tutorial and seeing some site references regarding connecting to a sql database using php.  Since it contains a password to the database, my question is, how secure is this page on a webserver, or does it not even matter since the code is so specific to the website and the database it is connecting to.

Thank you in advance.
Chris

Link to comment
https://forums.phpfreaks.com/topic/311482-database-connect-page-private/
Share on other sites

Short answer: it's safe.

Longer answer: it's as safe as any other PHP file on your server. It's a common practice to put this script, or at least a script that defines variables/constants with database credentials, in a PHP file that is not located inside the web root (eg, outside of your public_html or www or whatever directory that your site is based in) because if it's not an actual page then it really shouldn't be in the root; this practice is easy to achieve when you get larger sites that have a single public_html/index.php that runs an "application" or some similar concept whose files are all outside the root.

  • Thanks 2
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.