Jump to content

SQL Login, how safe is it.


Randy_of_Neuron
 Share

Recommended Posts

I'm new to the PHP / SQL thing, so this might have been answered already. I searchend and can't find the answer directly though.If I make a PHP script that logs into a MySQL database on my server, and the "User Name' and 'Password' are directly given in the PHP script. Then I make the file have 711 permissions, can anyone extract the 'User Name' and 'Password' somehow? For example if I put in my PHP$con = mysql_connect("localhost","peter","abc123");if (!$con) { die('Could not connect: ' . mysql_error()); }mysql_select_db("my_db", $con);Like the W3 Tutorial says and make the file 711, can anyone extract out the "peter" or "abc123" and is this the safeset way to access a data base on a server? Thanks everyone.

Link to comment
Share on other sites

The answer is "no", no one can see any code inside your PHP file if you save the file as .php. Regardless of the permissions, if someone gets your file they don't see your PHP code, only the output of it. However, if they have FTP access to your site then they can see any code that they want to. But if they have normal HTTP access to your site then, no, they can't see your PHP code.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...