encrypted mysql password

apoorv.s · #1 (**permalink**) 01-06-12, 00:12

Hi,
I am using PHP-5.2.0 and mysql-5.1.50.
I created a ‘config.php’ file (all sensitive information about mysql connection in this file) and placed it in safe directory.
My concern is, mysql user password is in plain text. If anybody get access on this file he can see the password /or developers can print the password variable to see the password.
How I can keep password encrypted form and how to pass encrypted password to mysqli_connect function?
Please help.

hello-world · #2 (**permalink**) 01-23-12, 01:51

Quote:

Originally Posted by apoorv.s

Hi,
I am using PHP-5.2.0 and mysql-5.1.50.
I created a ‘config.php’ file (all sensitive information about mysql connection in this file) and placed it in safe directory.
My concern is, mysql user password is in plain text. If anybody get access on this file he can see the password /or developers can print the password variable to see the password.
How I can keep password encrypted form and how to pass encrypted password to mysqli_connect function?
Please help.

I have the same question. This is one answer I received: "There's no risk exposing password when you use mysql_connect() function in PHP. Internet user cannot see your PHP source code. When they request for your .php script, all they see is the HTML code it generates, not your PHP source code. Only authorized personnel such as developers or network admin who has access to your server can see the PHP source code."

I am still skeptical.

Internet Services

Web Development

Digital Marketing

Consumer Tech