File Include

Dysan

Hi,

Is it good practice to include all of the following code inside a separate file, then link to it via each page? Does this increase security?

session_start();
$con = mysql_connect("localhost","peter","abc123");
if (!$con)
{
  die(mysql_error());
}

mysql_select_db("db", $con);

alanzhao

usually I do it like this:

config.php

<?php
    $db_user = "me";
    $db_passwd = "me";
    $db_name = "me";
    $db_host = "me";
?>

functions.php

<?php
function connect_db() {
    global $db_user, $db_passwd, $db_name, $db_host;
    $con = mysql_connect($db_host,$db_user,$db_passwd);
    if (!$con)
   {
        die(mysql_error());
     }

  mysql_select_db($db_name, $con);   
}
?>

main.php


<?
   include_once("./config.php");
   session_start();
   connect_db();    

?>

also, put config.php into a separate directory and put a .htaccess file there to restrict access.