467,921 Members | 1,421 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 467,921 developers. It's quick & easy.

What is the point of having a SQL password for a non-root user?

32bit
Given that we use code like the following:

Expand|Select|Wrap|Line Numbers
  1.  <?php
  2. session_start();
  3. $DATABASE_HOST = 'localhost';
  4. $DATABASE_USER = 'user';
  5. $DATABASE_PASS = 'password';
  6. $DATABASE_NAME = 'library';
  7.  
What is the point of the password, if we can see the password in the PHP code, considering that its trivial
to download the PHP script from the server? It seems rather pointless to me.
2 Weeks Ago #1

✓ answered by Dormilich

as is the case with javascript
And that's where you're mistaken. PHP code is executed on the server (that's why it's referred to as a server-side language), not on the client/browser.

  • viewed: 1889
Share:
4 Replies
Dormilich
Expert Mod 8TB
considering that its trivial to download the PHP script from the server?
Well, the point of PHP code is to be executed, not downloaded. Unless of course your web server is misconfigured.
1 Week Ago #2
32bit
But correct me if I'm wrong, but, as is the case with javascript, etc. since the browser must be able to send a GET for the php code, restricting a php directory and then attempting to call the script in a document in a non-restricted directory will cause a 403 response in the server.
1 Week Ago #3
Dormilich
Expert Mod 8TB
as is the case with javascript
And that's where you're mistaken. PHP code is executed on the server (that's why it's referred to as a server-side language), not on the client/browser.
1 Week Ago #4
32bit
That would explain things- Though, I was under the impression that where you use an include in PHP that it was similar to header- in that the client still had to send a "GET" in order to get the include. Though, I can see, after some experimentation of sorts, that with server side languages that this is not the case.
1 Week Ago #5

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

reply views Thread by George Chorny | last post: by
reply views Thread by Joseph Geretz | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.