Hi
I have saved all my database password in a file called configure.php in a folder. Which users should I allow to access this file and which ones should I not? -
+--------------------------------+
-
|----------| Read |Write|Execute |
-
+--------------------------------+
-
|Owner | | | |
-
+--------------------------------+
-
|Group | | | |
-
+--------------------------------+
-
|all users | | | |
-
+--------------------------------+
-
9 1448
Which users should I allow to access this file and which ones should I not?
Great you are asking it from us ! Why you need to store the DATABASE passwords on a ".php" file?
Hi
Here is an example.. When I use the code below -
mysql_connect(Host, Username, Password);
-
I can't just write my username and password. I may use this code more than 100 times in my scripts.. So it's better to use variables and put them in a file and then include the file whenever i need to connect to mysql. So I put my username and password in a file but i don't know which users should be allowed to access this file
Thanks for the reply
Heya, bnashenas1984.
Or you can put the code to connect to the database in one file and then include it when you need to access it.
Have a look at this article.
Hi
Here is an example.. When I use the code below
mysql_connect(Host, Username, Password);
I can't just write my username and password. I may use this code more than 100 times in my scripts.. So it's better to use variables and put them in a file and then include the file whenever i need to connect to mysql. So I put my username and password in a file but i don't know which users should be allowed to access this file
Thanks for the reply
The most secure way is, put your file out side the "web root" Then, from Php Application Level you can access this file. public users can't access it.
Hi
Thanks for your replys. Thats a good idea to put the file outside the root but how can i access it myself? I mean what address should i use to access this file with a PHP script inside the root?
Thanks again
Behzad
Heya, Behzad.
When you use include() or require(), you can specify a filesystem path.
Add this code to your main inc file: -
ini_set( 'include_path', '/path/to/protected/folder:' . ini_get('include_path') );
-
-
require 'protectedFile.php';
-
Thank you pbmod for the reply
The code you sent seems to be useful but the problem is that I'v alrealy finished my scripts and I have used (include) function more than 100 times. So I don't think I can change my include directory easily. I think It's better to just move the file containing passwords outside the root.. The only thing I don't know is what address I have to use to access the file outside the root ( in a php file inside the root )
Thank you pbmod for the reply
The code you sent seems to be useful but the problem is that I'v alrealy finished my scripts and I have used (include) function more than 100 times. So I don't think I can change my include directory easily. I think It's better to just move the file containing passwords outside the root.. The only thing I don't know is what address I have to use to access the file outside the root ( in a php file inside the root )
From a standard web browser, there is no way to access any file which resides out side the public web root. Why you need to access the file anyway? the require() or include() functions will do the job for you. Once you include your protected file in to a page which is inside the public web root, you can call to the public file, then internally that file will call for the protected file.
public_file.php - require 'path_to_protected_file';
-
echo 'This file contains a protected file too';
-
Thanks for sharing your informations
It helps all the time
Sign in to post your reply or Sign up for a free account.
Similar topics
by: John J. Hughes II |
last post by:
I am having some major problem with maintaining security for my windows
application to the SQL. Currently my application access the SQL using
System.Data.SqlClient and all forms use stored...
|
by: dog |
last post by:
I've seen plenty of articles on this topic but none of them have been
able to solve my problem.
I am working with an Access 97 database on an NT4.0 machine, which has
many Access reports.
I...
|
by: Grasshopper |
last post by:
Hi,
I am automating Access reports to PDF using PDF Writer 6.0. I've
created a DTS package to run the reports and schedule a job to run this
DTS package. If I PC Anywhere into the server on...
|
by: TechBoy |
last post by:
I am trying to learn on the fly about Access Security for an app we are
developing. I realize Access security is an advanced subject with many
details. I wanted to share a scenario and ask a...
|
by: James |
last post by:
I have a VB windows forms application that accesses a Microsoft Access
database that has been secured using user-level security. The
application is being deployed using No-Touch deployment. The...
|
by: Notgiven |
last post by:
I am considering a large project and they currently use LDAP on MS platform.
It would be moved to a LAMP platform. OpenLDAP is an option though I have
not used it before. I do feel fairly...
|
by: codercode |
last post by:
I'm working on a Visual Basic .NET using Access database. However, my
client already have a 30MB database with Sybase ASA and Sybase is way
too much for that. Is there anyway I can migrate from a...
|
by: JMG |
last post by:
Hi All,
I have no idea if this is the correct place to post this question, but
I'm hoping so :). My problem is that I have a text file containing 5
sets of passwords on a single line space...
|
by: Emmi |
last post by:
Once again on the db I have inherited...
I have read numerous posts about how to set up security in access and have printed out the step by step instructions I found a link for from another post...
|
by: DolphinDB |
last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation.
Take...
|
by: ryjfgjl |
last post by:
ExcelToDatabase: batch import excel into database automatically...
|
by: isladogs |
last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM).
In this month's session, we are pleased to welcome back...
|
by: Vimpel783 |
last post by:
Hello!
Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
|
by: ArrayDB |
last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: Shællîpôpï 09 |
last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
|
by: af34tf |
last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
| |