Re: [PHP] How secure is this? From: Philip Olson (philip <email protected>)
Date: 12/29/00

If this include parses it will not be seen by web. So, calling
on your " dbconfig.php " will show world nothing. Although
optimally it wouldn't be accessable via web.

Consider :

      Title : .inc files - how secure are they?
      http://phpbuilder.com/tips/item.php?id=66

      ( note: user comments within tip)

This should provide some useful information.

Philip

On Sat, 30 Dec 2000, Sefton wrote:

> I have setup a page that accesses mysql. The page has to included the
> account login name and password to access the mysql database.
> Example...
>
> <?php
> $user = "username"; //actual username goes here
> $pass = "password"; //actual password goes here
>
> $db = mysql_connect("localhost", $user, $pass)OR DIE("Unable to connect
> to database");
> ?>
>
> If you get the idea.
>
> My concern is what if somebody can get to the source code. It could ruin me.
> I realise the php is a server side language, but is there any way that
> somebody could read this. If so how do i stop it? or is there another way to
> store my username & password that cannot be read.
>
> Please help
>
> Thanks
>
> Chris
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: php-general-unsubscribe <email protected>
> For additional commands, e-mail: php-general-help <email protected>
> To contact the list administrators, e-mail: php-list-admin <email protected>
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: php-general-unsubscribe <email protected>
For additional commands, e-mail: php-general-help <email protected>
To contact the list administrators, e-mail: php-list-admin <email protected>