Question for everyone

alfoxy

How do you all protect your database login and password being read by malicious people ?
Thanks
Al

Anon

There are a number of ways in which you can protect your database login and password. Usually, I put my passwords in a seperate include file, with a .php extension. With the php extension, the file will be parsed anytime it is called for (assuming it is a web call).

Additionally, you can put these include files outside of the web directory structure. This gives added security, but is not always available to developers.

greg252

include a file containing the variables that resides outside of the web path.

alfoxy

Thanks lads... just one thing what dom you mean by outside the web path ? sorry im new to this whole thing !
Thanks
Al

[deleted]

Your webserver reads all it's pages and scripts from one directory on the server. That is the 'documentroot'.

The webserver cannot read files that are not in that directory or in a subdirectory of that directory.

PHP However can read files that are 'outside the documentroot'.

Therefore, putting your passwords in a file outside the documentroot means only PHP can read it, and hackers cannot get the file by entering it's name in the URL.

A forum, a FAQ, email notification, what else do you need?

Time to YAPF!: http://www.yapf.net/

alfoxy

Thanks a million lads youve been very helpful
Al