Posted by Jussist on 05/29/07 13:32

> If the user can reed that, then they can read this

To me it somehow seems that the original poster is worried about
someone taking a short look on the code, and being able to read the
password. I understood that there is no need to be able to permanently
obfuscate the password for those who have full access to the code.

If however that is the requirement, you are out of luck. I've never
used Zend's platform products, but they might have some kind of
solution to that. Well, I was just thinking about similar behavior to
Weblogic, where the db passwords are stored and connections created
via manager-software. Something like this could of course be
implemented quite straightforwardly as php-extension, but whether that
would be worth the effort is another issue. So the user doesn't write:
<code>
mysql_connect("server", "username", "pass");
</code>
But rather:
<code>
$MyPlatform::getMysqlConnection("TheConnectionForMySyStem");
</code>
Or whatever.

--
Jussi
Deep abstraction kills strong typing.
http://disczero.com
http://view.fi
http://naamio.net
http://hoffburger.com

• Next in forum: Re: Need a good material for PHP
• Prev in forum: Contributions Required!!
• Thread view: Re: how to not write password in code for using to mysql?

[Reply to this message]