Posted by cbmeeks on 06/26/07 17:03

I don't know if this has been mentioned, but one way you can do it is
to store the passwords in some weird place (outside htdocs/www) and
simply mangle the password.

For example, in some of my python scripts, I load a config file that
contains password for db.

The password might be: red*igloo

But in the config file, it's: 0r05ed**0igloo55

Then, in python: pass =
pass.replace("0","").replace("5","").replace("**","*")

That's a crude example but you get the idea. Of course, this is NOT
bullet proof if the user can browse your source code and they can
probably figure it out but even if it stops 50% of potential thieves,
it is worth it because it is so easy to do.

Of course, you should make sure you are using a reliable host from a
good company.
http://eblarg.com


On May 27, 5:15 am, "_mario.lat" <n...@libero.it> wrote:
> hallo,
> I use PHP and I'd like to not write in hardcoded way password
> and login to access to mysql.
> how to not write password in code for access to mysql?
> How can I do?
> I'd like that who see my code don't see my paswords.
> there is a solution?
> Thank you in advance.
> Mario.

[Back to original message]