Try calling the page directly in the browser and take a look. If PHP is working
correctly you should see nothing and in the source you might see
<html><body></body</html>
Quoting Vaughn Treude <
vltreude@deru.com>:
> Hello all:
> I know there are a lot of PHP gurus on this list, so hopefully it's not too
> off-topic.
> I'm a newbie to PHP and I'm struggling with a login script for my
> organization's website. I'm using an example script I got off the Web
> somewhere. It uses MySQL through the "PEAR" database driver. Here's the
> code snippet for the connection code in db_connect.php:
>
> ---------------------------
>
> //require the PEAR::DB classes.
>
> require_once 'DB.php';
>
>
> $db_engine = 'mysql';
> $db_user = 'XXXX';
> $db_pass = 'YYYYYYYY';
> $db_host = 'ieeepacn.com';
> $db_name = 'ZZZZZZZ';
>
> $datasource = $db_engine.'://'.
> $db_user.':'.
> $db_pass.'@'.
> $db_host.'/'.
> $db_name;
>
>
> $db_object = DB::connect($datasource, TRUE);
>
> ------------------------
>
> This works, but it occurs to me: how can this thing possibly be secure? The
> password's there in clear text. A person would only need read access to get
> it. And if the PHP file's not globally readable, the login fails. Is there
> some factor here I'm missing such that it's more protected than I think? Or
> is there a better way to approach this?
>
> Thanks!
> Vaughn
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
R. Whitney
Transcend Development
"Producing the next phase of your internet presence"
http://xend.net
Premium Quality Web Hosting
http://hosting.xend.net
rw@xend.net
310-943-6498
602-288-5340
"The day this country abandons God is the day God will abandon this country"
"Linux is like a wigwam, no windows, no gates, apache inside." - borrowed from
Sharon Kimble off of the Fedora mailing list
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss