When connecting to your db with php

penguinmama

66.***.***.***

Reply | #92

1,446 days ago

When connecting to your db with php

Do you put the connection info in your php script, or do you reference it from a separate, less-accessible file?

Dismounted

59.***.***.***

Reply | #121

1,440 days ago

I put all configuration into a php file (config.php) and reference to it by an include. It really doesn't matter as users can't access variables directly anyway.

penguinmama

12.***.***.***

Reply | #159

1,437 days ago

Technically, no... but it IS possible to get a copy of the file itself, is it not? If I made a link on a separate page to a .php page, if I right-clicked and "save target as..." ... would I get the .html or would I get the .php raw?

Bill

80.***.***.***

Reply | #161

1,437 days ago

penguinmama;159:

Technically, no... but it IS possible to get a copy of the file itself, is it not? If I made a link on a separate page to a .php page, if I right-clicked and "save target as..." ... would I get the .html or would I get the .php raw?

The PHP file would still contain the same output as when you visit it with a browser. To get the source of a PHP file there would have to be special circumstances such as a cracked password somewhere or having whacky permissions set while being on a virtual account in a shared server.

Darkneoboi

68.***.***.***

Reply | #162

1,435 days ago

You can't get it from the source of a web browser since it would show as html not php, and in html it doesn't show all the database info. So it really doesn't matter where you put it though it is best if you include it in a config.php file since you can also put all the connection info in there and you don't have to keep typing it over and over again.

penguinmama

12.***.***.***

Reply | #167

1,435 days ago

ah, well, that's good to know. I'm glad I was wrong about that one.

Dismounted

59.***.***.***

Reply | #170

1,435 days ago

Remember this, no one can access raw PHP code from the browser itself.

sheeri

70.***.***.***

Reply | #231

1,428 days ago

I put it in a separate file more for the purposes of centralization -- if I have more than one php file that needs the information, and I want to change it, then I only have to change it in one location.

penguinmama

12.***.***.***

Reply | #239

1,423 days ago

Now THAT is a very good point! I've found that I love using PHP to design a site simply because I can do a lot of the code ONCE and just include it in every page.

Bradd

203.***.***.***

Reply | #311

1,415 days ago

Dismounted;121:

I put all configuration into a php file (config.php) and reference to it by an include. It really doesn't matter as users can't access variables directly anyway.

I am sure it is good to put in confiq file and i found that is the best way to do this job !

sheeri

209.***.***.***

Reply | #316

1,414 days ago

Oh, one more thing -- your include file doesn't have to be in a web directory. We keep our include files outside of what our webserver can see (ie, not under a DocumentRoot).

penguinmama

12.***.***.***

Reply | #344

1,398 days ago

Yes, I have recently learned about - and used - that. I have an include file well out of my DocumentRoot, and not web accessible. I can see where that will be a VERY handy thing to have.

mtajim

202.***.***.***

Reply | #389

1,320 days ago

Its always good to use include files for such connections strings. Its gives more security anf flexiblity to call it anywhere in web page