Re: any security problems with this?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, June 12, 2007 7:01 am, Ross wrote:
> I have a page of functions that I include in my page head. In this I
> have a
> function to connect. I can then just call this on each page when i
> need it.
> Does doing it this way cause any potential security risks?

Of course there is risk.

Everything involves risk.

That it is a NECESSARY risk does not make it not a risk.

The risk is that you now have your password written down somewhere.

The questions to ask yourself are:
  Who can now read this password that shouldn't
  What can they do with that password that they shouldn't

You can REDUCE the risk by making it difficult for people to read the
file.  In particularl, it should not be in the web tree with all your
.htm and .php files, but in a separate directory, outside the web
tree, so that nobody could possibly surf directly to it and read it as
text.

Start reading here:
http://phpsec.org/

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux