Posted by Geoff Muldoon on 07/13/05 04:15
Phil Coen says...
> Most use an HTML form that calls a separate php program. Most of the
> passwords are either hard coded in that php module or are in a file
> accessible by that module.
>
> Heck, anybody can download the php script and look at the passwords. Or,
> use it to see what file it is pointing to.
Phil,
The PHP include() function, unlike the HTML include, can reference files
which are outside the Apache docroot.
If you *have* to hard-code passwords somewhere, at least put them in a
file outside the Apache docroot and use a PHP include() call to reference
them in any PHP scripts which are within the scope of the Apache docroot.
Geoff M
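
The layout described in the reply above, as an added example that is not part of the original post: a loader that includes a credentials file only if it resolves outside the docroot. The function name `load_secrets()`, the directory names and the sample credentials are hypothetical, and the permission check assumes POSIX file modes.

```php
<?php
declare(strict_types=1);

// Added example. load_secrets() and all paths below are hypothetical.
// Assumes POSIX file permissions.
function load_secrets(string $secretsFile, string $docroot): array
{
    $file = realpath($secretsFile);   // resolves symlinks and ".."
    $root = realpath($docroot);
    if ($file === false || $root === false) {
        throw new RuntimeException('secrets file or docroot not found');
    }
    // A file under the docroot has a URL; refuse to treat it as a secret store.
    $prefix = $root . DIRECTORY_SEPARATOR;
    if (strncmp($file, $prefix, strlen($prefix)) === 0) {
        throw new RuntimeException('secrets file is inside the docroot');
    }
    // Other local accounts should not be able to read it either.
    if ((fileperms($file) & 0004) !== 0) {
        throw new RuntimeException('secrets file is world-readable');
    }
    $secrets = include $file;         // the file ends with "return [...];"
    if (!is_array($secrets)) {
        throw new RuntimeException('secrets file did not return an array');
    }
    return $secrets;
}

// Constructed demo layout: <tmp>/htdocs is the docroot, <tmp>/private is not served.
$base = sys_get_temp_dir() . '/secrets_demo_' . bin2hex(random_bytes(4));
mkdir("$base/htdocs", 0755, true);
mkdir("$base/private", 0750);
$body = "<?php return ['user' => 'app', 'pass' => 'constructed-example'];\n";
file_put_contents("$base/private/db.php", $body);
chmod("$base/private/db.php", 0640);
file_put_contents("$base/htdocs/db.php", $body);   // the layout to avoid

$db = load_secrets("$base/htdocs/../private/db.php", "$base/htdocs");
echo "loaded credentials for user {$db['user']}\n";

try {
    load_secrets("$base/htdocs/db.php", "$base/htdocs");
} catch (RuntimeException $e) {
    echo "rejected: {$e->getMessage()}\n";
}
```

In a real deployment the second argument would be the server's document root (for example `$_SERVER['DOCUMENT_ROOT']`), and the secrets file would be owned by an account the web server can read as but other users cannot.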