Re: about unsecure connection to mysql

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Sukanto Kho wrote:

I've created a file named 'connection'(used to connect to mysql server)...

This file connect to mysql server with user=root en password inserted....

The problem is user name (in this case root) and password appeared in
file...
so that anyone who get the file may know what the password and user name
is...

Are there any solution to more secure connection??

1. Put the file outside of your web root
2. Deny access to the file using .htaccess
3. Give the file a .php extension so people will only get the _result_ of the file (which if it just contains variables, the result will be empty).


--
---John Holmes...

Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/

php|architect: The Magazine for PHP Professionals – www.phparch.com

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [PHP Users]     [Postgresql Discussion]     [Kernel Newbies]     [Postgresql]     [Yosemite News]

  Powered by Linux