On 6/12/07, Ross <[EMAIL PROTECTED]> wrote:
I have a page of functions that I include in my page head. In this I have a function to connect. I can then just call this on each page when i need it. Does doing it this way cause any potential security risks?function connect() { $host="localhost"; $user="xxxxx"; $password="xxxxxx"; $dbname="xxxxx"; $link = mysql_connect($host, $user, $password) or die ('somethng went wrong:' .mysql_error() ); mysql_select_db($dbname, $link) or die ('somethng went wrong, DB error:' .mysql_error() ); } -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Get rid of the mysql_error() part. If you leave that in and somehow it is unable to connect, you'll get this: somethng went wrong:Access denied for user 'xxxxx'@'localhost' (using password: YES). It isn't a good idea to show people your DB username. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
