Navigation

mphayesuk · #1 3rd April 2006, 18:23

What I am wanting to do is use a php page to ask for a username and password that is stored in a mysql database.

My plan was to use a username and password to connect to the mysql database that only has read access.

However what is to stop anyone from looking at the source of the php page and finding the username and password I have used to connect to the database and using it to get all the usernames and passwords stored.

I will be hosting the page on my own ISPConfig web hosting server.

Can anyone help.

Thanks

falko · #2 3rd April 2006, 19:45

Quote:

Originally Posted by mphayesuk

However what is to stop anyone from looking at the source of the php page and finding the username and password I have used to connect to the database and using it to get all the usernames and passwords stored.

The PHP script (better: Apache) will only deliver HTML code to your browser, not PHP code. So you can specify the username and password in your PHP file.

22hosting · #3 4th April 2006, 15:35

Indeed, and if you are thinking about inputting the username/password into further pages I would say use sessions.

If however you are referring to the fact that you are using an ISPConfig web hosting server, and the question relates to that. As in: can those others users of the server access my source. Then yes, they can via shell access or if they are an administrator. Unless you compile your php (dont ask me how, i've never done it ;-))

sbovisjb1 · #4 5th April 2006, 22:25

Ya Apache is good and go to piratebay.org and in "other" there is a torrent of 300 excellent PHP scripts.

mphayesuk · #5 6th April 2006, 17:17

22hosting... I see what you mean with the users... I will be keeping the source code under my own web space so no other uses except me can view the original files... I will take a look into sessions and compiling php... thanks for the posts... I have just bought a php book so I am sure I can come up with something.

Thanks