> Ross wrote:
> > I have a page of functions that I include in my page head.
> In this I have a
> > function to connect. I can then just call this on each page
> when i need it.
> > Does doing it this way cause any potential security risks?
> >
> > function connect() {
> > $host="localhost";
> > $user="xxxxx";
> > $password="xxxxxx";
> > $dbname="xxxxx";
> >
> > $link = mysql_connect($host, $user, $password) or die
> ('somethng went
> > wrong:' .mysql_error() );
> > mysql_select_db($dbname, $link) or die ('somethng went
> wrong, DB error:'
> > ..mysql_error() );
> >
> > }
>
>
> The function can only be run if you call it in one of your
> scripts, when
> the database is needed. The user has no way of calling the
> function or
> seeing the code, so there shouldnt be any security risks at all.
>
Unless, of course, his page of functions is named 'readme.txt' and lives in
document root.
JM
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
