Newbie security database connection question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

NEWBIE: I have a security question:

When working with PHP and MySQL, it seems that a one method is to create a connection.php page to the database that will store the connection parameters such as username, password and URL ip in clear text and include this on various pages.

Since hackers seem to be getting better and better every day:

-  Is this common practice to store this security data in the clear on the PHP webpage?

- Wouldn't it be possible for a hacker to SNIFF around and pick up this sensitive "clear text" security data?

- Is there some better, more secure way to communicate from the website to the MySQL data source that is somehow sending encrypted information rather than clear text back and forth?

Thanks in advance for your help.


--
Thanks,
Dave - DealTek
dealtek@xxxxxxxxx
[db-11]




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php




[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux