How to secure a PHP page ?

Discussion in 'PHP' started by Bhullarz, Aug 28, 2008.

  1. Bhullarz

    Bhullarz New Member

    Joined:
    Nov 15, 2006
    Messages:
    253
    Likes Received:
    13
    Trophy Points:
    0
    Occupation:
    System Manager
    Home Page:
    http://www.tutors161.com
    Hi all ! I am working on a website which is being developed using PHP-MySQL. I have to access the mysql database using username - password. The problem I'm having that I have kept username password in another file and used it as variables in wherever I need to connect to DB.

    I have one file with username password:
    Code:
    File.php
    ---------
    $username="root";
    $lhost="localhost";
    $secret="bhullarz";
    $dbn="sample";
    
    wherever I want to use it, I do the following:
    Code:
    require("file.php");
    $con=mysql_connect($lhost,$username,$secret) or die("Server not Available");
    
    But I don't think It's a secure practice as anyone can copy your website using website downloaders and can see the password. Is there anyother way to secure the password.
     
  2. shabbir

    shabbir Administrator Staff Member

    Joined:
    Jul 12, 2004
    Messages:
    15,346
    Likes Received:
    382
    Trophy Points:
    83
    PHP file would never give the output what its there in the variable unless you do some echo or other stuff. I am damn sure the site is more secure than you are thinking of.
     
  3. Bhullarz

    Bhullarz New Member

    Joined:
    Nov 15, 2006
    Messages:
    253
    Likes Received:
    13
    Trophy Points:
    0
    Occupation:
    System Manager
    Home Page:
    http://www.tutors161.com
    Ok. Thanks Shabbir. I tried few website copiers to download the website, which downloaded only HTML pages. It means PHP page won't be downloaded ?
     

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice