Security in PHP scripts containing MySQL login info..
Posted: Thu Mar 06, 2003 2:31 pm
Hi there,
Still learning the art of PHP and looking for some guidance...
I have created a Content Management System for a site that I am working on - the whole site is based on dynamic content. The problem I have is that currently my database login info is in a file that I include in all scripts that require the database. It just holds a persistant connection with my username and password. I realise that this is not secure as this file is within a 'web' folder.
What is the most common solution to this kind of problem, is it a permission thing, or can the file be placed in a non-web folder and accessed from there?????...................
Any help would be great...
Regards,
Naz
Still learning the art of PHP and looking for some guidance...
I have created a Content Management System for a site that I am working on - the whole site is based on dynamic content. The problem I have is that currently my database login info is in a file that I include in all scripts that require the database. It just holds a persistant connection with my username and password. I realise that this is not secure as this file is within a 'web' folder.
What is the most common solution to this kind of problem, is it a permission thing, or can the file be placed in a non-web folder and accessed from there?????...................
Any help would be great...
Regards,
Naz