sd9sd Posted February 7, 2008

Hi, I'm a complete newbie to PHP, and I've read PHP experts warning not to place passwords inside a PHP file, because if the server gets compromised, a hacker will be able to see the password. But my question is: if the server gets compromised and the hacker can see the PHP file, then won't the hacker be able to view the login and password of the SQL database (stored in the PHP file) and then gain access to the database?
HGeneAnthony Posted February 7, 2008

Most people who set up databases in PHP set a username and password for the database to be localhost only. So even if they get access to your user/pass, unless they can get into your server they can't use it, and if they do, you're screwed anyway.
HGeneAnthony Posted February 7, 2008

As far as the user/password accounts you plan to use for others to log in to your web site, you'll want to use the crypt feature to create a one-way hash of the password. When someone tries to log in, you hash the password they provide against the one in your DB. If they're the same, it's an identical password. Here's the code:

// crypt() with no salt argument is deprecated since PHP 5.6 and an error in PHP 8
$password1 = crypt("12345");
// passing the first hash as the salt re-hashes with the same salt, so equal inputs give equal output
$password2 = crypt("12345", $password1);
if ($password==$password2)
    echo "Passwords are the same";
else
    echo "Passwords are different";
rhodesa Posted February 7, 2008

Sorry to be picky... but the password check line should use strcmp instead (and should be $password1):

if (strcmp($password1, $password2) === 0)
    echo "Passwords are the same";
priti Posted February 7, 2008

sd9sd wrote: Hi, I'm a complete newbie to PHP, and I've read PHP experts warning not to place passwords inside a PHP file, because if the server gets compromised, a hacker will be able to see the password. But my question is: if the server gets compromised and the hacker can see the PHP file, then won't the hacker be able to view the login and password of the SQL database (stored in the PHP file) and then gain access to the database?

That's pretty true! Nothing is safe if the login credentials are with hackers.

Well, I was reading an article some time back on security and it listed some basic steps. For example, if you have to create an admin panel, the very first thing that comes to mind is to create an admin directory and keep the related files there. Rather than this, give the directory a different name (something which is difficult to guess and known only to you) and protect it with a password. This is how you take away a hacker's very first step into your system: he has to find which directory is the admin directory before he sits down to gain control through the admin login credentials and get your site's sensitive info.

No system is 100% secure.

Regards
haku Posted February 7, 2008

I'm going to be even more picky than that. First, 'sha1' should be used instead of 'crypt'. Next, 'strcmp' should also never be used for passwords, in that a password should never be pulled out of the database, for security reasons. When checking passwords, the SQL query should set WHERE password = encrypted_password. strcmp itself isn't flawed; it's just that a person should never be in a position to use it when comparing a password someone is attempting to log in with against one that is already stored. Of course it can be used on registration forms when a person enters a password twice, to ensure they are entering the correct password.

As to the OP: if your system gets compromised, of course you are somewhat screwed. But storing in the database will be more secure.
Northern Flame Posted February 7, 2008

Just don't enter the real password into your database; you can encrypt it with something like md5() and just store the encrypted password in your database. Then do something like:

<?php
// mysql_* functions need an open mysql_connect() connection and were removed in PHP 7
$username = mysql_real_escape_string($_POST['username']); // escape before interpolating into the SQL string
$password = md5($_POST['password']);                      // hex digest, safe to interpolate
$query = mysql_query("SELECT * FROM `table` WHERE `username`='$username' && `password`='$password'");
if (mysql_num_rows($query) == 0) {
    echo 'No Match Found';
} else {
    echo 'Logged In!';
}
?>
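The registration and login flow that the posts above argue about (crypt vs. sha1 vs. md5, strcmp vs. WHERE password = ...), as an added example that is not code from any poster in this thread. It swaps in password_hash()/password_verify() (PHP 5.5 and later) and PDO prepared statements, neither of which existed in 2008: the salt is generated and stored inside the hash, the comparison is constant time, and the user-supplied password never appears in SQL text. The table name users, its column names and the in-memory SQLite demo database are assumptions made for the example; the pdo_sqlite extension must be enabled to run the demo at the bottom.

```php
<?php
// Added example, not from the original thread. Hash on registration, verify on login.
// Assumed schema (hypothetical): users(id INTEGER PRIMARY KEY, username TEXT UNIQUE, password_hash TEXT)
declare(strict_types=1);

function connect(string $dsn, ?string $user = null, ?string $pass = null): PDO
{
    return new PDO($dsn, $user, $pass, [
        PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
    ]);
}

function registerUser(PDO $pdo, string $username, string $password): void
{
    // password_hash() generates a random salt and embeds algorithm, cost and salt
    // in the returned string, so only this one column needs to be stored.
    // Size the column for growth (VARCHAR(255)); bcrypt output is 60 chars today.
    $hash = password_hash($password, PASSWORD_DEFAULT);
    $stmt = $pdo->prepare('INSERT INTO users (username, password_hash) VALUES (:u, :h)');
    $stmt->execute([':u' => $username, ':h' => $hash]);
}

function login(PDO $pdo, string $username, string $password): bool
{
    // Select by username only. The password, hashed or not, never goes into the WHERE
    // clause: the stored hash is fetched and checked in PHP with password_verify(),
    // which compares in constant time (unlike == or strcmp()).
    $stmt = $pdo->prepare('SELECT password_hash FROM users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch();

    // Unknown user: still burn one hash computation so the response time does not
    // reveal which usernames exist. $dummy is a hash of a throwaway string.
    static $dummy = null;
    if ($dummy === null) {
        $dummy = password_hash('unused', PASSWORD_DEFAULT);
    }
    if ($row === false) {
        password_verify($password, $dummy);
        return false;
    }
    if (!password_verify($password, $row['password_hash'])) {
        return false;
    }
    // If the default algorithm or cost has moved on since this hash was made,
    // re-hash now, while the plaintext is legitimately in hand.
    if (password_needs_rehash($row['password_hash'], PASSWORD_DEFAULT)) {
        $upd = $pdo->prepare('UPDATE users SET password_hash = :h WHERE username = :u');
        $upd->execute([':h' => password_hash($password, PASSWORD_DEFAULT), ':u' => $username]);
    }
    return true;
}

// Demo against a constructed in-memory SQLite database (requires the pdo_sqlite extension).
$pdo = connect('sqlite::memory:');
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE NOT NULL, password_hash TEXT NOT NULL)');
registerUser($pdo, 'alice', 'correct horse battery staple');

var_dump(login($pdo, 'alice', 'correct horse battery staple'));  // right password
var_dump(login($pdo, 'alice', 'wrong password'));                // wrong password
var_dump(login($pdo, "alice' OR '1'='1", 'anything'));            // injection attempt is just an unknown username
```

The design choice worth noting against the thread: haku's "WHERE password = hash" approach requires a hash that is deterministic for a given password, which rules out a per-user salt and makes every user with the same password share a row value. Fetching the stored hash by username and verifying it in PHP is what lets each hash carry its own salt and cost, and the bound parameters are what make the third login attempt a plain string lookup rather than a query rewrite.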
sd9sd Posted February 7, 2008 (Author)

Wow! This forum is great! Thanks so much everybody... most of what you said is Greek and Latin to me, but the idea of storing passwords in an encrypted form in the database seems best for my application.

@HGeneAnthony: "Most people who set up databases in PHP set a username and password for the database to be localhost only." I didn't get what you meant by that... what does it mean to have the username and password be localhost?
Northern Flame Posted February 7, 2008

I think he meant that most people connect to the database not by setting the URL, but by localhost, e.g.:

<?php
mysql_connect("localhost", "username", "password");
?>

instead of

<?php
mysql_connect("web-address.com", "username", "password");
?>

In order to use the first method, the hacker will need to hack into your server and implement the code in there, which will be harder to do.
sd9sd Posted February 8, 2008 (Author)

Thanks! I was under the impression that localhost was used for testing purposes only... and I used to replace it with the domain name.
haku Posted February 8, 2008

localhost just means that the server is stored on the same machine as the code, so the code is accessed by, and accesses, the server directly instead of going through the net. I believe that using a domain name when your server is local will actually slow things down.
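A concrete version of the "localhost only" account HGeneAnthony mentions and Northern Flame and haku explain, as an added example that is not from any post in this thread. It is a one-off provisioning script run by a database administrator: it creates a MySQL account that can only authenticate from the same machine, grants it only the table-level rights a web application uses, and writes the resulting credentials to a config file outside the document root that only the web server user can read, which is the usual answer to the original question about a password sitting in a PHP file. The database name appdb, account name webapp, config path /etc/myapp/db.php, the MYSQL_ROOT_PASSWORD environment variable and the www-data user name are all assumptions made for the example, and the script has to run with enough privilege to write to /etc and chown the file.

```php
<?php
// Added example, not from the original thread. Provision a localhost-only, least-privilege
// MySQL account for a PHP application, then show how the application connects with it.
// All names below (appdb, webapp, /etc/myapp/db.php, MYSQL_ROOT_PASSWORD, www-data) are hypothetical.
declare(strict_types=1);

$adminDsn   = 'mysql:host=localhost;dbname=appdb;charset=utf8mb4';
$adminUser  = 'root';
$adminPass  = getenv('MYSQL_ROOT_PASSWORD');   // admin secret comes from the environment, not this file
$configPath = '/etc/myapp/db.php';             // outside the web root: only ever included, never served
$webUser    = 'www-data';                      // the account PHP runs as; adjust for your server

if ($adminPass === false) {
    fwrite(STDERR, "MYSQL_ROOT_PASSWORD is not set\n");
    exit(1);
}

$admin = new PDO($adminDsn, $adminUser, $adminPass, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);

// 48 hex chars of randomness; written once to the config file, never typed by anyone.
$appPass = bin2hex(random_bytes(24));

// 'webapp'@'localhost' is only usable from this machine (Unix socket, and loopback TCP
// depending on the server's name-resolution settings). The same username/password presented
// from any other host is rejected, so a leaked config file does not give a remote attacker
// a database login. PDO::quote() produces a properly escaped SQL string literal.
$admin->exec("CREATE USER 'webapp'@'localhost' IDENTIFIED BY " . $admin->quote($appPass));

// Least privilege: the app reads and writes its own tables and nothing else. No DROP/ALTER
// (schema changes are migrations run as admin), no FILE, no SUPER, no GRANT OPTION,
// and nothing on other databases such as mysql.*.
$admin->exec("GRANT SELECT, INSERT, UPDATE, DELETE ON appdb.* TO 'webapp'@'localhost'");

// Write the app credentials where the web server can read them but HTTP clients cannot reach them.
$config = "<?php\nreturn " . var_export([
    'dsn'  => 'mysql:host=localhost;dbname=appdb;charset=utf8mb4',
    'user' => 'webapp',
    'pass' => $appPass,
], true) . ";\n";
if (!is_dir(dirname($configPath))) {
    mkdir(dirname($configPath), 0750, true);
}
file_put_contents($configPath, $config);
chown($configPath, $webUser);
chmod($configPath, 0400);   // read-only, owner only

// In the application: include the config (a file include, not an HTTP fetch) and connect.
function appConnect(string $configPath): PDO
{
    $c = require $configPath;
    return new PDO($c['dsn'], $c['user'], $c['pass'], [
        PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
        PDO::ATTR_EMULATE_PREPARES => false,
    ]);
}

$app = appConnect($configPath);
// Sanity check: the app account must not be able to read outside appdb.
try {
    $app->query('SELECT user, host FROM mysql.user');
    echo "unexpected: webapp can read mysql.user\n";
} catch (PDOException $e) {
    echo "ok: webapp is confined to appdb\n";
}
```

Two caveats a practitioner would add to the thread's reassurance. First, "localhost only" limits who can use a stolen database password from outside; it does nothing against an attacker who already executes code on the web server, which is HGeneAnthony's "you're screwed anyway" case, and the GRANT list above is what limits the damage in that case. Second, keeping the config file outside the document root matters because a misconfiguration that serves .php files as plain text (or a path traversal bug) exposes everything under the web root, while a file that is only ever loaded with require is not reachable by URL at all.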