Search Postgresql Archives

Re: How to access Postgres .pgpass file from php?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello Howard,

On Sat, 2019-09-07 at 22:17 +0000, Howard Wells wrote:
> I have my php files in the web root, and the Postgres 10 logon
> credentials are in the php file.  I want to put them outside the web
> root for security, because a malicious robot could easily read the
> credentials. 
> 
> After research, I found the .pgpass file.  That looks like the ideal
> solution, but after even more research, I haven't found how to use
> that file from a php logon script. 
> 
> Here is the section from my php script:
> 
> $dsn =
> vsprintf('pgsql:host=%s;port=%s;dbname=%s;user=%s;password=%s', [
>     'host' => '000.00.00.00',
>     'port' => '5432',
>     'dbname' => '[dbname]',
>     'user' => '[username]',
>     'password' => '[password]',
> ]);
> 
> Currently I store the real dbname, user and password in the php.  My
> questions are:
> 
> 1.	How can I access it from the .pgpass file instead? 
> 
> 2.	Where is .phpass loccated in Apache2 Ubuntu 18.04?
> 
> Thanks for any help with this. 
> 
> Howard
> 
> 
> 

We use pg_service.conf to hold the access credentials.
It's just pg_connect("service=sandbox") for example, where 'sandbox' is
the tag for the database you wish to access.
Using Debian it is kept in the /etc/php/7.3/apache2 path, where 7.3
represents the php version. It needs to be owned by the Apache user
which defaults to 'www-data'. Permissions are 0600.

HTH,
Robert








[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]

  Powered by Linux