Posted by J.O. Aho on 03/08/06 18:29

Mark@home wrote:
> Can anyone tell me how i can prevent that users can see my connection string
> to mysql database?

You see to that the page is processed by php and you avoid

echo "secret data: mysql_connect('example.com:3307', 'mysql_user',
'mysql_password')";

> Using my browser i could easely use the function: view source.....showing
> the html/php code.

Have you ever tried to look at the "source" of a processed php script?


> IF the file includes the connection string than anyone could see my database
> name and password.....
>
> How can i prevent this??

Include files should end with php, eg myfile.inc.php
myfile.php

If you let the php files end with .inc (or anything else than php), then you
need to modify your server settings, so that the include files are processed, eg

AddType application/x-httpd-php .inc


//Aho

• Next in forum: MySQL Syntax errors
• Prev in forum: Re: How to prevent "view sourse" of php database file
• Thread view: Re: How to prevent "view sourse" of php database file

[Reply to this message]