Re: [PHP] Hiding password in a class file (object-oriented programming)?
Putting in php tags does not necessarily mean that it will be parsed as php. If you are using Apache web server, the file type ( php htm etc) needs to be identified as a php file. This is done in the httpd.conf configuration file. Just putting php tags in a htm file usually does not work by default. Getting back to the original question, the include file does have to have an .inc extension. I am pretty sure that this is a convention but is not mandatory. end your include file with a php extension cheers Dave Ben Bleything wrote: put ?php ? tags around the file you include, and it will parse it as PHP = I'm doing this now. I have a bunch of files in a subdir of the published directory, that contain functions and definitions to do these things, and I include them at the beginning of each file. But, you do need ?php ? tags around the includes. = Ben Quoting Thomas David Kehoe [EMAIL PROTECTED]: How do I put my password into an external file? I have dozens of webpages with the line mysql_connect (localhost, username, password); What if I have to change my password? Rather then change dozens of scripts, I want to put this line into an external file and call it with include. The problem is security. If I make the file a class, then the file extension must be .inc. Anyone can type in the URL and see the contents of the file. I've tried these solutions, without success: Changing the permission to everyone-execute and owner-read doesn't work, apparently because a .inc file is read, not executed. Using the .php file extension (instead of .inc) executes the script when the URL is accessed. The user sees nothing, if the file contains no HTML. But class only works with the .inc extension. Using include without making a class treats the file as HTML and it doesn't execute. -- Thomas David Kehoe, author of THE EVOLUTION OF INTIMATE RELATIONSHIPS How Our Brains Are Hardwired For Relationships http://www.FriendshipCenter.com/TEIR/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Hiding password in a class file (object-oriented programming)?
Hi Thomas!
On Mon, 09 Jul 2001, Thomas David Kehoe wrote:
How do I put my password into an external file?
I have dozens of webpages with the line
mysql_connect (localhost, username, password);
What if I have to change my password? Rather then change dozens of scripts,
I want to put this line into an external file and call it with include.
The problem is security. If I make the file a class, then the file
extension must be .inc. Anyone can type in the URL and see the contents of
the file.
huh? you've learnt something wrong from various places. Who said it must be
inc? It can be even .my-super-dooper-class, but it's safer to just name the
file .php
as for passwords, define() all the parameters you use in a configuration file
and keep it outside webroot
e.g.
/www
+--/htdocs
+--/images (etc.)
^- at this level let's say you have config.php w/
define('DB_PASSWORD','yabadubi')
then, in db.sql you just include() the config.php file.
Changing the permission to everyone-execute and owner-read doesn't work,
apparently because a .inc file is read, not executed.
Using the .php file extension (instead of .inc) executes the script when the
URL is accessed. The user sees nothing, if the file contains no HTML. But
class only works with the .inc extension. Using include without making a
class treats the file as HTML and it doesn't execute.
nope, include can include even foo.exe as php code, if foo.exe has php code
section i.e. ?php /* code here */? so your file must least start with an
open tag.
cheers,
-- teodor
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Hiding password in a class file (object-oriented programming)?
How do I put my password into an external file? I have dozens of webpages with the line mysql_connect (localhost, username, password); What if I have to change my password? Rather then change dozens of scripts, I want to put this line into an external file and call it with include. The problem is security. If I make the file a class, then the file extension must be .inc. Anyone can type in the URL and see the contents of the file. I've tried these solutions, without success: Changing the permission to everyone-execute and owner-read doesn't work, apparently because a .inc file is read, not executed. Using the .php file extension (instead of .inc) executes the script when the URL is accessed. The user sees nothing, if the file contains no HTML. But class only works with the .inc extension. Using include without making a class treats the file as HTML and it doesn't execute. -- Thomas David Kehoe, author of THE EVOLUTION OF INTIMATE RELATIONSHIPS How Our Brains Are Hardwired For Relationships http://www.FriendshipCenter.com/TEIR/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Hiding password in a class file (object-oriented programming)?
put ?php ? tags around the file you include, and it will parse it as PHP = I'm doing this now. I have a bunch of files in a subdir of the published directory, that contain functions and definitions to do these things, and I include them at the beginning of each file. But, you do need ?php ? tags around the includes. = Ben Quoting Thomas David Kehoe [EMAIL PROTECTED]: How do I put my password into an external file? I have dozens of webpages with the line mysql_connect (localhost, username, password); What if I have to change my password? Rather then change dozens of scripts, I want to put this line into an external file and call it with include. The problem is security. If I make the file a class, then the file extension must be .inc. Anyone can type in the URL and see the contents of the file. I've tried these solutions, without success: Changing the permission to everyone-execute and owner-read doesn't work, apparently because a .inc file is read, not executed. Using the .php file extension (instead of .inc) executes the script when the URL is accessed. The user sees nothing, if the file contains no HTML. But class only works with the .inc extension. Using include without making a class treats the file as HTML and it doesn't execute. -- Thomas David Kehoe, author of THE EVOLUTION OF INTIMATE RELATIONSHIPS How Our Brains Are Hardwired For Relationships http://www.FriendshipCenter.com/TEIR/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
