Page 1 of 1

Permissions in php

Posted: Tue Sep 14, 2010 7:47 am
by vinit.tiwari2012
I have saved all the data necessary to create the database connection to a file named settings.php and now i have set its permissions to 744 (rwxr--r--).
I have attached the file to this mail and also a different attachment telling about how this will be used.
but now i think won't this give a security problem because somebody on a different server will access this file and make connection to my database.
as if he write

require_once('someserver/settings.php')
and use just like i am using.

File settings.php

Code: Select all

<?php

$dbUser="test";

$dbPassword="123456";

$dbName="testDatabase";

$dbHost="localhost";

$dbPort="3306";

$tablePrefix="test_";

?>

Code: Select all

<?php	
	require_once("../site/settings.php");
	mysql_connect($dbHost.':'.$dbPortNo, $dbUser, $dbPassword);
	mysql_select_db($dbName);
?>
Thanks in advance.

Re: Permissions in php

Posted: Tue Sep 14, 2010 9:57 am
by Bill H
Not if your settings.php is outside of your web root directory. I put such files in the "cgi-bin" directiry provided by the host.