Results 1 to 2 of 2
  1. #1
    Join Date
    Jan 2012
    Posts
    3

    Unanswered: encrypted mysql password

    Hi,
    I am using PHP-5.2.0 and mysql-5.1.50.
    I created a ‘config.php’ file (all sensitive information about mysql connection in this file) and placed it in safe directory.
    My concern is, mysql user password is in plain text. If anybody get access on this file he can see the password /or developers can print the password variable to see the password.
    How I can keep password encrypted form and how to pass encrypted password to mysqli_connect function?
    Please help.

  2. #2
    Join Date
    Dec 2011
    Posts
    16
    Quote Originally Posted by apoorv.s View Post
    Hi,
    I am using PHP-5.2.0 and mysql-5.1.50.
    I created a ‘config.php’ file (all sensitive information about mysql connection in this file) and placed it in safe directory.
    My concern is, mysql user password is in plain text. If anybody get access on this file he can see the password /or developers can print the password variable to see the password.
    How I can keep password encrypted form and how to pass encrypted password to mysqli_connect function?
    Please help.
    I have the same question. This is one answer I received: "There's no risk exposing password when you use mysql_connect() function in PHP. Internet user cannot see your PHP source code. When they request for your .php script, all they see is the HTML code it generates, not your PHP source code. Only authorized personnel such as developers or network admin who has access to your server can see the PHP source code."

    I am still skeptical.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •