chmod for (newbie) user pass to sql


d_drive

First, a big thank you to all who contribute here. Secondly, I am a PHP newbie. One of the pinned topics at the top of this site says something about not posting in here, but posting in the newbie thread, but I did not see one, so I am posting here.

(I have spent about an hour this morning scanning Google's many different PHP and chmod suggested resources and have come up with nothing.) With that disclaimer:

I have cobbled together a registration system for my site using jpmasters 77log in script, which is awesome. The question is not with the script; it is very well commented and easy to use once I got the mySQL table set up. The question has more to do with security. The script and its functions store the mysql username and pw in a separate php file. This file I would like to shield from anyone with more knowledge than I (hehehe, most everyone).

My ignorance is this:

Question 1:

While I can get the code from most any htm page by either viewing its source, or doing a saveas, and grabbing the file for further dissection, I do not want anyone to be able to read or access the referenced file. I do not know if this is possible with php files stored in the public_htm portion of my site.

Question 2:

Currently the chmod is set on this file to 644. I attempted to reset this php file to 641 thinking the code would execute, but it only works with the user set to read. I guess my newbie ignorance is of the terminology "read" access. Just trying to hack my own site leads me to believe that it is the server reading for the end user of the site, not the actual user being able to read this .php page?

Question 3:

Since I now have a database with user privileges, I am using a bit of code snippet to control access to different pages on my site with this information. Is it appropriate to apply this test to the .php file as well?

thank you in advance

:)

 

Q1: At the beginning of files you don't want anyone to see, password protect it. If you're including it in a file, do this:

if(!defined("INDEX"))
    die("YOU CAN'T ACCESS THIS FILE DIRECTLY");

 

in the main file you include use

 

define("INDEX",true);

 

Q2:

chmod(file,0777);

 

give me some more detail:

 

Q3: need some more detail :)

Q1, thank you, will test, and will probably do the trick, though this relates directly to Q3

Q2, in my thinking, in layspeak I would like the "mySQLaccess.php" file locked out so that no one can "read" it to get my sql access, which is my site access also due to some restrictions from my hosting service (bummer but true). In setting security on this file and translating my paranoia into chmod, the current setting 644 works just fine.

In my mind, I would like to set access permissions of ##0 or ##1 allowing no user "read" of this file, but as I test and work with it, I am thinking there is a disconnect between what my mind is saying is "read" and what chmod is actually doing. In order for the script to work it must be set at a minimum of ##4.

As such is it true that the end user cannot actually read this file as much as the functions called from user opened pages read this file?

Q3, rather than apply the

if(!defined("INDEX"))
    die("YOU CAN'T ACCESS THIS FILE DIRECTLY");

I will use the access level code in the mysql database to test for admin access, though I am not sure what for other than to get the practice coding :)
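
Added example, not part of the original thread: the "read" bit asked about under Q2 applies to the operating-system account the PHP process runs as, not to the site visitor, and which class (owner, group or other) that account falls into depends on the hosting setup. The script decodes modes 644, 641, 640 and 600 on a constructed temporary file; the function names are hypothetical.

```shell
#!/bin/sh
# Which permission class of a chmod mode allows a process to read a file.
# The visitor's browser never opens the include file; the PHP process does,
# as an OS account that is the file's owner, in its group, or "other".

# perm_digit MODE CLASS -> prints the octal digit for owner|group|other
perm_digit() {
    case $2 in
        owner) echo "$1" | cut -c1 ;;
        group) echo "$1" | cut -c2 ;;
        other) echo "$1" | cut -c3 ;;
        *) return 2 ;;
    esac
}

# can_read MODE CLASS -> exit status 0 if the read bit (4) is set for CLASS
can_read() {
    d=$(perm_digit "$1" "$2") || return 2
    [ $(( $d & 4 )) -ne 0 ]
}

# file_mode PATH -> three-digit octal mode of a real file (GNU stat, BSD fallback)
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# report PATH -> one line per class saying whether that class may read PATH
report() {
    m=$(file_mode "$1")
    for c in owner group other; do
        if can_read "$m" "$c"; then r=yes; else r=no; fi
        printf '%s %s read=%s\n' "$m" "$c" "$r"
    done
}

# Constructed sample: a temporary file stands in for the credentials include.
demo() {
    f=$(mktemp)
    for m in 644 641 640 600; do
        chmod "$m" "$f"
        report "$f"
    done
    rm -f "$f"
}
demo
```

With 641 the "other" class has execute only, so a PHP process running in that class cannot read the include, which matches the failure described under Q2.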
