Re: dumb PHP question

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMVaughn Treude at <-
MDon Calfa at ->
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Richard Whitney
Date:  
To: plug-discuss
Subject: Re: dumb PHP question
Try calling the page directly in the browser and take a look. If PHP is working
correctly you should see nothing and in the source you might see
<html><body></body</html>

Quoting Vaughn Treude <>:

> Hello all:
> I know there are a lot of PHP gurus on this list, so hopefully it's not too
> off-topic.
> I'm a newbie to PHP and I'm struggling with a login script for my
> organization's website. I'm using an example script I got off the Web
> somewhere. It uses MySQL through the "PEAR" database driver. Here's the
> code snippet for the connection code in db_connect.php:
>
> ---------------------------
>
> //require the PEAR::DB classes.
>
> require_once 'DB.php';
>
>
> $db_engine = 'mysql';
> $db_user = 'XXXX';
> $db_pass = 'YYYYYYYY';
> $db_host = 'ieeepacn.com';
> $db_name = 'ZZZZZZZ';
>
> $datasource = $db_engine.'://'.
>               $db_user.':'.
>               $db_pass.'@'.
>                $db_host.'/'.
>                 $db_name;

>
>
> $db_object = DB::connect($datasource, TRUE);
>
> ------------------------
>
> This works, but it occurs to me: how can this thing possibly be secure? The
> password's there in clear text. A person would only need read access to get
> it. And if the PHP file's not globally readable, the login fails. Is there
> some factor here I'm missing such that it's more protected than I think? Or
> is there a better way to approach this?
>
> Thanks!
> Vaughn
>
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>


R. Whitney
Transcend Development
"Producing the next phase of your internet presence"
http://xend.net
Premium Quality Web Hosting
http://hosting.xend.net

310-943-6498
602-288-5340
"The day this country abandons God is the day God will abandon this country"
"Linux is like a wigwam, no windows, no gates, apache inside." - borrowed from
Sharon Kimble off of the Fedora mailing list
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-dumb PHP questionRe: dumb PHP question->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)