|
|
Posted by Andre Dubuc on 03/06/05 19:38
On Sunday 06 March 2005 11:47 am, Mattias Thorslund wrote:
> Since you can use fopen, I don't think open_basedir is the problem.
> Read about open_basedir here: http://us3.php.net/features.safe-mode
>
> Maybe the path that you use in the include is wrong?
>
> /Mattias
>
> Andre Dubuc wrote:
> >Hi,
> >
> >I am trying to 'insulate' my database connection from prying eyes by
> > moving the db connection code to a directory above docroot and then
> > calling it by an include. However, my IP has an open_basedir restriction
> > in effect that defeats what I'm trying to do.
> >
> >Perhaps I'm unclear what what the open_basedir does, and perhaps IP is
> >protecting me from an even worse security risk. However, I can call, using
> >fopen, many counter code pages that reside in the directory above docroot
> > - so I'm confused here. Perhaps it's the use of include - is there
> > another way to do this?
> >
> >
> >**************************************************************************
> >*****************
> >
> >The code so far:
> >
> >On any page that needs a db connection (in docroot path):
> ><?php
> >....
> >include("db-conn.php");
> >...
> >?>
> >
> >Db code page (located in directory above docroot):
> ><?php
> >$db = pg_connect("dbname=site user=confused password=toughone");
> >?>
> >
> >Tia,
> >Andre
>
> --
> More views at http://www.thorslund.us
Thanks Mattias,
I should have read my code a bit better -- forgot to set the absolute path for
the directory above docroot.
Works great now!
Regards,
Andre
Navigation:
[Reply to this message]
|