Hi,
I read in a book that it is advised to store the database access information outside the rootfolder for security purposes. I think it makes sense but I would like to know what path I then need to specify in the include statement.
thanks,
P
including files stored outside of root folder
Moderator: General Moderators
-
php4user2007
- Forum Newbie
- Posts: 12
- Joined: Mon Apr 02, 2007 4:12 am
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
If your site root is /var/www/my_site/public_html/ you would store them in /var/www/my_site/. Keep in mind that if you are including a file that has DB details that are either constants or variables, if you do not unset them after using them than they can still be echoed anywhere later in the script. If you are not distributing this application, why not just put them in the code?
-
php4user2007
- Forum Newbie
- Posts: 12
- Joined: Mon Apr 02, 2007 4:12 am
this makes sense but I'm just not sure where you get the "/var/www/" from? If I access my domain via ftp it will display a path like http://www.mydomain.com/public_html/index.php so I'm not sure where you can find out what path should be infront of the domain name.
thanks
thanks
- Maugrim_The_Reaper
- DevNet Master
- Posts: 2704
- Joined: Tue Nov 02, 2004 5:43 am
- Location: Ireland
You can write a quick script in PHP to give you the full path:
Run, check the results, of course delete once done. You can run something similar from the PHP command line also if available.
The path is likely a UNIX path (unless you have a windows server). It will point usually on a shared host to /home/username/www.mydomain.com/public_html/
Everything before /public_html is not accessible from the internet - so you can put the DB details anywhere below the public_html level (for any domain) and include using the absolute path, e.g.:
Code: Select all
<?php
echo dirname(__FILE__);The path is likely a UNIX path (unless you have a windows server). It will point usually on a shared host to /home/username/www.mydomain.com/public_html/
Everything before /public_html is not accessible from the internet - so you can put the DB details anywhere below the public_html level (for any domain) and include using the absolute path, e.g.:
Code: Select all
include '/home/username/www.mydomain.com/db_details.php';-
php4user2007
- Forum Newbie
- Posts: 12
- Joined: Mon Apr 02, 2007 4:12 am
resolved
thank you very much - your suggestion was very helpful.