I was just thinking that a better way to do this is with a public/private key
set. Then it would be secure, but as someone else mentioned, you'd have to
patch the source to make it work.
-Micah
On Friday 25 February 2005 07:29 am, Robby Russell wrote:
> On Thu, 2005-02-24 at 02:37 -0800, Gael Lams wrote:
> > Hi all
> >
> > I use the classic following rows to connect to a mysql
> > database. I always put $passsword in clear in the php
> > connection file and I wonder whether there is a way to
> > have it in md5 so that someone reading the file could
> > not use it to connect to the db. I googled a bit but
> > find only threads explaining how to have password
> > saved in md5 inside a mysql table which is not I would
> > like to do
> >
> > Regards,
> >
> > Gal
> >
> > function SQLConnect()
> > {
> > $server_name = 'localhost';
> > $db_name = 'cmsdb';
> > $user_name = 'user';
> > $password = 'clearpassword';
> >
> > if (!$dbconnect =
> > mysql_connect($server_name, $user_name, $password))
> > {
> > echo "Connection failed to the
> > host 'localhost'.";
> > exit;
> > }
> > if (!mysql_select_db($db_name))
> > {
> > echo "Cannot connect to
> > database '.$db_name.'";
> > exit;
> > }
> > }
>
> You could probably do this if you managed to take the mysql source code
> and changed the login functions.
>
> ..but if someone can see your password in MD5 format..could they then
> not login with the same privileges as with your plain text?
>
> -Robby
>
> --
> /***************************************
> * Robby Russell | Owner.Developer.Geek
> * PLANET ARGON | www.planetargon.com
> * Portland, OR | robby@xxxxxxxxxxxxxxx
> * 503.351.4730 | blog.planetargon.com
> * PHP/PostgreSQL Hosting & Development
> * --- Now hosting Ruby on Rails Apps ---
> ****************************************/
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
