newbie question on php security

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Braendan
Forum Newbie
Posts: 7
Joined: Tue Jun 25, 2002 2:34 am

newbie question on php security

Post by Braendan »

Hi,

Sorry bout this post. You know when you write a php script and you place that

Code: Select all

$connect=@mysql_connect("localhost","username","password") or die ("couldnt connect to sql server");
How safe is this ?

When a user uses a programme which does a grab of this entire site i think the user will be able to see the whole script or am i wrong ?

Is putting all the username/password/db settings in a seperate file and including it the only option ?

Best Regards
Braendan
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

PHP code is server-side, that means that it is executed before it reaches the browser and the user doesn't see any PHP in the source code. So if your server is set-up to parse all files with the extension .php as PHP and your files have this extension then you don't have to worry, all the user will see is HTML and depending what else you use maybe some CSS and Javascript.

Mac
Braendan
Forum Newbie
Posts: 7
Joined: Tue Jun 25, 2002 2:34 am

Post by Braendan »

thanks a lot :)
Post Reply