On 6/12/07, Ross <ross@xxxxxxxxxxxxx> wrote:
I have a page of functions that I include in my page head. In this I have a
function to connect. I can then just call this on each page when i need it.
Does doing it this way cause any potential security risks?
function connect() {
$host="localhost";
$user="xxxxx";
$password="xxxxxx";
$dbname="xxxxx";
$link = mysql_connect($host, $user, $password) or die ('somethng went
wrong:' .mysql_error() );
mysql_select_db($dbname, $link) or die ('somethng went wrong, DB error:'
.mysql_error() );
}
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Get rid of the mysql_error() part. If you leave that in and somehow
it is unable to connect, you'll get this: somethng went wrong:Access
denied for user 'xxxxx'@'localhost' (using password: YES). It isn't a
good idea to show people your DB username.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
