Hi,
I'm relatively new to PHP and was wondering how to make sure the username and password in my connection string were kept secure and unreadable by end users...
I am connecting to MySQL database...
Thanks!
Rehan
Securing the Connection String
Moderator: General Moderators
-
rehandalal
- Forum Newbie
- Posts: 10
- Joined: Mon Sep 18, 2006 3:44 am
- Location: Mumbai, India
-
rehandalal
- Forum Newbie
- Posts: 10
- Joined: Mon Sep 18, 2006 3:44 am
- Location: Mumbai, India
Under a GNU/linux environment you would put the config file one directory below the web root.. i.e. if the web root was /home/httpd/html you would put the conf file in /home/httpd and include it from there. The idea is if for what ever reason your http server decided to spit out the contents of the config file instead of parsing it no one could access it because it's not in the web root. Be sure to give it the correct ownership which is normally nobody.
-
rehandalal
- Forum Newbie
- Posts: 10
- Joined: Mon Sep 18, 2006 3:44 am
- Location: Mumbai, India
hm... alrite well suppose my web root was:
../web/public_html/
and i was to put the config file in:
../web/
how excatly would i include the file in another PHP file located in the root directory?
ALSO
how would i assign the correct ownership?? CHMOD?? And if so what should be the CHMOD settings?
THANKS!!!
../web/public_html/
and i was to put the config file in:
../web/
how excatly would i include the file in another PHP file located in the root directory?
ALSO
how would i assign the correct ownership?? CHMOD?? And if so what should be the CHMOD settings?
THANKS!!!
rehandalal wrote:hm... alrite well suppose my web root was:
../web/public_html/
and i was to put the config file in:
../web/
how excatly would i include the file in another PHP file located in the root directory?
Code: Select all
require_once('/web/conf.inc.php');rehandalal wrote: how would i assign the correct ownership?? CHMOD?? And if so what should be the CHMOD settings?
Code: Select all
chown nobody.nobody /web/conf.inc.php-
rehandalal
- Forum Newbie
- Posts: 10
- Joined: Mon Sep 18, 2006 3:44 am
- Location: Mumbai, India
thanks for the speedy reply... still a little confused though...
supposed i am including the config file in the file:
../web/public_html/index.php
wouldnt:
cause it to try to include the file:
../web/public_html/web/conf.inc.php
or am i mistaken there...
supposed i am including the config file in the file:
../web/public_html/index.php
wouldnt:
Code: Select all
require_once('/web/conf.inc.php');../web/public_html/web/conf.inc.php
or am i mistaken there...