database connection method. Inline PHP or XML?

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
User avatar
voodoo9055
Forum Commoner
Posts: 51
Joined: Sat Apr 26, 2003 3:27 pm
Location: Montgomery, AL

database connection method. Inline PHP or XML?

Post by voodoo9055 »

I understand that one can have their database host, user name and password inside a php file like so...

Code: Select all

<?php

$host = 'some host';
$user = 'some user';
$pass = 'some password';

?>
But, I want to be able to update this information later through a PHP page. From a script that I purchase, I noticed that they kept their database connection information in a XML document. I don't know XML at all so I wouldn't even know where to begin that way, but is their a way where I could place the hostname, username, and password in a regular text file and read it and update it later?

I am trying to prevent from having to edit the actually php file to update database connection information or is it just better to do it the inline php way?
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Post by JAM »

Perhaps not the best idea, having security in mind. But you could;

Code: Select all

$pass = "pass";
    $pass = "newpass";

--- file looks like
<?php
    // read file into array
    $array = file("cfg.php");
    // display a line
    echo $array[2]."\n";
    // change it
    $array[2] = '    $pass = "newpass";';
    // display it again
    echo $array[2]."\n";
    // write info back to cfg.php goes here
?> 

--- cfg.php looks like
<?php
    $user = "user";
    $pass = "pass";
    $host = "host";
?>
Go from that, add a form, and start tweaking.
User avatar
nielsene
DevNet Resident
Posts: 1834
Joined: Fri Aug 16, 2002 8:57 am
Location: Watertown, MA

Post by nielsene »

There is no difference between having a PHP page edit a PHP page and a PHP page edit an XML page, from the point of view of dealing with files.

The XML format is probably a little safer as it avoid PHP injection attacks should your update password script get compromised.
User avatar
voodoo9055
Forum Commoner
Posts: 51
Joined: Sat Apr 26, 2003 3:27 pm
Location: Montgomery, AL

Post by voodoo9055 »

I got it to work, but it was a lot of trouble. I decided to stick to the inline way. Thank you for your help. :)
Post Reply