Reply to Re: [PHP] How can I secure database passwords used by PHP webpages — PHP

Posted by John Holmes on 03/02/05 02:57

Rob Tanner wrote:
> WE have a number of PHP webpages that access one of several MySql databases
> and while the PHP files that contain the passwords cannot be accessed via the
> web, we are becoming increasingly concerned over the possibility of other
> webpage maintainers viewing those files. How have other folks protected
> database passwords needed by PHP apps?

Who are these "other webpage maintainers" and why do they have access to
your PHP source code? This isn't a PHP issue. The MySQL password has to
be in a file as plain text; there's no getting around that (as recently
discussed on here). Your issue is controlling access to the machine and
the files, so is an OS/policy/trust issue, imo.

--

---John Holmes...

Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/

php|architect: The Magazine for PHP Professionals – www.phparch.com

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация