Is there a way to hide all database info such as p

2020-03-31 07:37发布

I'm creating several php scripts. Must I always insert the host, username, password, etc. for every script for the same database and table? Is there a way to make reference with only one line or some other way? Is there anyway to hide this info?

$host="XXXXXXXXX";
$username="XXXXX";
$password="XXXXX";
$db_name="XXXXXX";
$tbl_name="XXXXX";
mysql_connect("$host", "$username", "$password") or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

标签： php mysql passwords host

2条回答

Animai°情兽

2楼-- · 2020-03-31 07:58

If you don't want to put the credentials in php files then you can put them the php.ini configuration file.

mysql.default_host = "localhost"
mysql.default_user = "user"
mysql.default_password = "pass"

then in the php source:

<?php

$connect_db = mysql_connect();
$err = mysql_error();
if ($err != "")
{
        echo "Error connecting to database: $err";
        die;
}

if (!mysql_select_db("mydomain_com_test", $connect_db))
{
        echo mysql_error()."<br/>";
        die;
}

$sql = "SELECT NOW()";
$rows = mysql_query( $sql );

?>

0人赞添加讨论(0) 举报

我只想做你的唯一

3楼-- · 2020-03-31 08:01

While PHP files are executed and thus the source code is not visible from the web, an accidental misconfiguration could change this. You could put the DB configuration in a separate file outside the wbeserver's document root directory and use PHP's require command to include it in the other scripts.

However, depending on the PHP configuration, files outside the docroot may not be accessible to PHP scripts, but there are ways around this. This SO question discusses these issues in detail

0人赞添加讨论(0) 举报

Is there a way to hide all database info such as p

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间