cancel
Showing results for 
Search instead for 
Did you mean: 

Passwords and stuff

N/A

Passwords and stuff

I've written a few php/mysql pages. I'm just starting out. It all hangs together ok(ish).

I forgot what my password for the mysql database was and I used a 'contact us' ticket to find it out.

Quick as a flash, I got the response telling me what I needed to know.

What I now realise is that the password is re-set to a new one so none of my scripts work now! It is a simple matter at the moment to edit the half dozen files to replace the password but as things grow this task will become more difficult (I'm bound to forget or lose it at some point!)

Is there a way of putting these details in ONE file and referring to it from all of the others? If so, are there security implications?

3 REPLIES
N/A

RE: Passwords and stuff

I personally have always used a class to abstract access to my database. i.e. then all you need to do is include the file with the class in, then instantiate it access the db. This approach also has the benefit that you can use your own access methods to the database. For instance to access my database and return a query as an associative array (very handy) I use the following code:

include('MYSQL.php');
$db = new MYSQL();
$results_array = $db->query("<SQL QUERY>");

I can't claim all the credit for this though, I adapted someone elses work (original code is available with lots of usual comments at http://codewalkers.com/getcode.php?id=45 )

As for the security aspect I don't see a problem with this approach. Although what I do tend to do nowadays is place this file outside the public_html root (I picked up this trick from using the Smarty template engine http://smarty.php.net as they recommend doing this to prevent people viewing your template code)
N/A

RE: Passwords and stuff

I prefer to just use an include file with db details in - that way you just modify the one file with the db/password details in.

It's a bit like using an external css file - you only have to change one file to affect all pages.

Martin

> I've written a few php/mysql pages. I'm just starting out. It all hangs together ok(ish).
>
> I forgot what my password for the mysql database was and I used a 'contact us' ticket to find it out.
>
> Quick as a flash, I got the response telling me what I needed to know.
>
> What I now realise is that the password is re-set to a new one so none of my scripts work now! It is a simple matter at the moment to edit the half dozen files to replace the password but as things grow this task will become more difficult (I'm bound to forget or lose it at some point!)
>
> Is there a way of putting these details in ONE file and referring to it from all of the others? If so, are there security implications?
>
>

re-create-it
Grafter
Posts: 55
Registered: 13-08-2007

RE: Passwords and stuff

> I prefer to just use an include file with db details in - that way you just modify the one file with the db/password details in.
>


This is exactly how I do it too and it works very well for me.

Another advantage is as follows:
I keep my db_connect.php file in a folder called _template. This db file is different on the server and the local machine for obvious reasons. Now I develop db scritps on a local machine (MySQL/PHP/Apache installed from phptriad) and everything connects locally to my local db. Then when you upload, the connection data is still vaild for the remote db without editting every script.
--
Phil Reed
[re-create] | www.re-create-it.co.uk