php-general Digest 2 Nov 2011 15:34:35 -0000 Issue 7549
Topics (messages 315576 through 315580):
Re: Placing the masterpassword
315576 by: Jim Giner
315577 by: Alain Williams
315578 by: Jim Giner
Re: ÄãÓᦱ¦Âð£¿Ãâ·ÑË͸ø±¦±¦µÄÀñÎï¡£
315579 by: Daniel Brown
PHP and webmaster tools
315580 by: Rick Dwyer
Administrivia:
To subscribe to the digest, e-mail:
[email protected]
To unsubscribe from the digest, e-mail:
[email protected]
To post to the list, e-mail:
[email protected]
----------------------------------------------------------------------
--- Begin Message ---
I've always thought that it was pretty safe to store this kind of material
outside of the web-browser accessible path of your host. Of course, you
then have to be careful who has access to your site via ftp.
Let's see what comes of this question :)
--- End Message ---
--- Begin Message ---
On Tue, Nov 01, 2011 at 02:24:05PM +0100, Florian Müller wrote:
>
> Hi all
> I got a little question about a good application design in PHP.
> If I use a mysql connection for example, I have to store my mysql-password
> somewhere in the code. If it's just in the mysql-class, that's not that good,
> because if somebody changes the functionality, he'd see it.
> I also can't store it in a text file. Until now, I just created a password
> class where all the passwords are described and i can get them by a
> get-function.
> Where are passwords stored in the big applications? There has to be at least
> one big masterpassword somewhere - how can I store it safely? How is this
> problem solved in big systems in production?
I store things like this in a file above the document root - so not grabbable
by URL.
Don't store it in the code ... you then end up with the password stored in
several
places & then difficult to change.
--
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT
Lecturer.
+44 (0) 787 668 0256 http://www.phcomp.co.uk/
Parliament Hill Computers Ltd. Registration Information:
http://www.phcomp.co.uk/contact.php
#include <std_disclaimer.h>
--- End Message ---
--- Begin Message ---
>
> I store things like this in a file above the document root - so not
> grabbable by URL.
> Don't store it in the code ... you then end up with the password stored in
> several
> places & then difficult to change.
>
> --
> Alain Williams
> Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT
> Lecturer.
> +44 (0) 787 668 0256 http://www.phcomp.co.uk/
> Parliament Hill Computers Ltd. Registration Information:
> http://www.phcomp.co.uk/contact.php
> #include <std_disclaimer.h>
This is what I thought was proper protocol. Though I actually store my sql
password in a file that I include in my programs to make the sqlconnect to a
database. So - that way I don't have it stored in multiple places. And
yes - I use the same pswd for all my databases.
--- End Message ---
--- Begin Message ---
2011/11/1 Sharl.Jimh.Tsin <[email protected]>:
>
> advertisement,ban it plz.
We know what it is, please do not reply to SPAM on the list. Just
mark it as SPAM and ignore it in the future.
--
</Daniel P. Brown>
Network Infrastructure Manager
http://www.php.net/
--- End Message ---
--- Begin Message ---
Hello list.
I am looking for someone who knows PHP and has extensive
experience with webmaster tools.
I have a series of crawl errors I need resolved but cannot find the
bad URL's anywhere on the site.
Please contact me off list.
Thanks,
--Rick
--- End Message ---
