Re: Best practice regarding MySQL username/pw in script file??
- From: cewyattjr@xxxxxxxxx
- Date: 16 Jul 2006 13:14:41 -0700
Thanks for all these great suggestions!
J.O. Aho wrote:
dimo414 wrote:
I agree with the suggestion to keep username/password files outside the
web root. If you cannot do this (such as scripts like PHPBB and
Coppermine) place the username/passwords inside a PHP file as varibles
which can be included in any needed scripts, this way, if someone knows
the name of the password file, and tries to view it, all they will see
is a blank screen, as the PHP was parsed and dealt with before being
sent out.
You can move the file outside the web-root too, move the file to a secure
location, create a new file with the same name in the same location and you
just add the include_once/include line to include the original configuration
file, this works fine as long as there aren't any include lines in the
original file, if there are, you need to change those to include an absolute
path to the included files instead of relative paths.
//Aho
.
- References:
- Best practice regarding MySQL username/pw in script file??
- From: cewyattjr
- Re: Best practice regarding MySQL username/pw in script file??
- From: dimo414
- Re: Best practice regarding MySQL username/pw in script file??
- From: J.O. Aho
- Best practice regarding MySQL username/pw in script file??
- Prev by Date: Re: Only showing 20 lines per page...
- Next by Date: V5 backwards compatible?
- Previous by thread: Re: Best practice regarding MySQL username/pw in script file??
- Next by thread: Re: 2D Array
- Index(es):
Relevant Pages
|
