Code: Select all
<?php
# setup database
$host = “localhost”;
$user = “username”;
$pass = “password”;
$db = “database”;
?>So, all someone has to do is save this file to their HD using a web coping software, then open the file, get my login userid and pass, and goto http://www.mydomain.com/admin , and they can get into my control panel for the site. I have had this done before. Someone used a website copying software, copied everything off my website, got my userid and password and was able access my site. So, I am trying to hide or protect this info to keep it safe.
I have tried placing the file with the login info outside of my websites webroot, but I cannot get PHP to read files outside of the webroot.
I have placed the file in “c:/php/incudes” and added that to the “include_file” setting in my php,ini file, and then tried to include the file in my scripts and that did not work.
I tried to encode my file with the Zend Encoder, but when I tried to install Zend Optimizer, I could not get it to work on my Windoze2k3 system.
How can I protect my login info yet still be able to use it in my scripts? Any ideas?
Thanks in advance…
CyberSpatium