Make the include file (or wherever your page with the pass is)
encrypted, see ioncube.com they charge by the amount of code you
incrypt, for a simple database include file, I think it would
be $1 or less.
On Wed, 2002-11-06 at 16:04, William Trappeniers wrote:
> Hi all
>
> I was wondering if it i
One thing I do with Postgres that I'm not sure MySQL supports is
Kerberos5 authentication. This way, a user logs in (and they have a user
account on the DB) and I use their remote user name and their Kerberos
ticket to authenticate them to the DB. That works without having to
store a password a
PROTECTED]
Subject: Re: [PHP-DB] MySQL password protection?
Create a user "nobody" with no password and give that user select,
update,
delete and insert capabilities in your DB and can only connect from
localhost (or a certain host). This way they have to be on localhost in
order to gain
The standard apache install filters anything named .ht*. on the web
tree.
-- Josh
-Original Message-
From: Peter Beckman [mailto:beckman@;purplecow.com]
Sent: Wednesday, November 06, 2002 6:44 PM
To: Steve Cayford
Cc: [EMAIL PROTECTED]; William Trappeniers
Subject: Re: [PHP-DB] MySQL
And make sure you make sure the webserver will not SERVE that file!!! You
see the source, see that you are fopening the file, I'll find it on your
system and get it from the web server and I have your password!
Make sure the file is NOT in the document root that the web server serves
from. You c
Create a user "nobody" with no password and give that user select, update,
delete and insert capabilities in your DB and can only connect from
localhost (or a certain host). This way they have to be on localhost in
order to gain access to your tables, and only then be able to do what your
nobody u
fo in it.
-Original Message-
From: 1LT John W. Holmes [mailto:holmes072000@;charter.net]
Sent: Wednesday, November 06, 2002 4:16 PM
To: William Trappeniers; [EMAIL PROTECTED]
Subject: Re: [PHP-DB] MySQL password protection?
> I was wondering if it is possible to protect my passwor
AIL PROTECTED]>
To: "'1LT John W. Holmes'" <[EMAIL PROTECTED]>; "William Trappeniers"
<[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, November 06, 2002 5:30 PM
Subject: RE: [PHP-DB] MySQL password protection?
> actually you can make a
You could put it anywhere. Stick it in a text file somewhere, fopen()
and read the file for the password. Or keep it in a php script outside
of the web root if that's the issue, then just include() it when you
need to.
Of course any file you put it in will have to be readable by whatever
user
72000@;charter.net]
Sent: Wednesday, November 06, 2002 4:16 PM
To: William Trappeniers; [EMAIL PROTECTED]
Subject: Re: [PHP-DB] MySQL password protection?
> I was wondering if it is possible to protect my password to the
MySQL-server
> from being in a PHP-script. Now I can't do that,
> I was wondering if it is possible to protect my password to the
MySQL-server
> from being in a PHP-script. Now I can't do that, so everybody who gets to
> see my php-sourcecode also can see my (not protected/not encrypted)
> password.
> How can I change this?
You can't, unless you want to put i
Hi all
I was wondering if it is possible to protect my password to the MySQL-server
from being in a PHP-script. Now I can't do that, so everybody who gets to
see my php-sourcecode also can see my (not protected/not encrypted)
password.
How can I change this?
Thanks,
William
---
William Trappen
12 matches
Mail list logo
