On Tue, October 3, 2006 5:11 pm, Google Kreme wrote:
> As I understand it then, the .ht* is no less secure because, for all
> intents and purposes, it is 'outside' the webtree since Apache will
> never display it, and you need some other sort of access to the
> machine (ftp, ssh, etc) to access it.
On 03 Oct 2006, at 14:16 , Richard Lynch wrote:
On Tue, October 3, 2006 1:51 pm, Google Kreme wrote:
And yeah, a key is better, but I've not gotten that far.
See, whatever you do in that general vein of thought, your PHP script
ends up needing to get the file.
Well, yes, but at least with a
On Tue, October 3, 2006 1:51 pm, Google Kreme wrote:
> And yeah, a key is better, but I've not gotten that far.
Not really better...
See, whatever you do in that general vein of thought, your PHP script
ends up needing to get the file.
So whatever is in your PHP script, which is readable, just a
I tend to store passwords in mysql as hashed values (usually md5), and if I
am using scripts to connect to the database name that file (for example)
connect.inc and add an .htaccess file to stop user download of any files
called *.inc. Or store those files outside the web root in the include path.
On Tue, October 3, 2006 1:40 pm, Deckard wrote:
> Hi Richard,
>
> Richard Lynch wrote:
>> First, you're scaring the [bleep] out of me from a security
>> standpoint
>> writing mysql passwords into files...
> It's not that unusual.
> It's a matter of securing the web server.
Yes, it *is* unfortunate
It's not the "writing them into files" part...
It's the "I'm not sure you know what you are doing and maybe you're
writing them into files inside the webtree or introducing other gross
insecurities" part...
Hope that helps...
On Tue, October 3, 2006 2:39 pm, Deckard wrote:
> Hi Richard,
>
> Rich
Hi Richard,
Richard Lynch wrote:
> First, you're scaring the [bleep] out of me from a security standpoint
> writing mysql passwords into files...
I'm curious.
What would you do ?
No kidding intended. I'm serious.
Warm Regards,
Deckard
--
PHP General Mailing List (http://www.php.net/)
To unsubs
On 03 Oct 2006, at 12:40 , Deckard wrote:
Richard Lynch wrote:
First, you're scaring the [bleep] out of me from a security
standpoint
writing mysql passwords into files...
It's not that unusual.
It might not be unusual, but it's not that bright.
It's a matter of securing the web server.
Hi Richard,
Richard Lynch wrote:
> First, you're scaring the [bleep] out of me from a security standpoint
> writing mysql passwords into files...
It's not that unusual.
It's a matter of securing the web server.
> If you are NOT an expert in this stuff, stop now, please...
I'me not an expert, but
First, you're scaring the [bleep] out of me from a security standpoint
writing mysql passwords into files...
If you are NOT an expert in this stuff, stop now, please...
Next, you are missing the ';' at the end of each line to make valid
PHP code.
Finally, what you are saying about the password b
Hi,
Yes, it worked, but there's this strange thing.
The output of in to the file is:
$stringData = "";
is:
i. e., the variable $mysql_user_password within quotes is assuming its
value, not the string $mysql_user_password, while the others are ok.
*sigh*
Warm Regards,
Deckard
Brad Bonkosk
Hi
Yes, it worked, but there's this strange thing.
The output of in to the file is:
$stringData = "";
is:
i. e., the variable $mysql_user_password within quotes is assuming its
value, not the string $mysql_user_password, while the others are ok.
*sigh*
Warm Regards,
Deckard
Brad Bonkoski
On Tue, October 3, 2006 7:05 am, Deckard wrote:
> I have this code to write three lines in a file (config.php):
>
> $stringData = '$hostname = ' . $hostname . '\n' . '$mysql_username = '
> .
> $mysql_username . '\n' . '$mysql_user_password = ' .
> $mysql_user_password . '\n';
>
> but instead of bre
There is no real need to keep flipping in and out of the string like that,
just use this:
$stringData = "\n\n\$'$hostname = '$hostname\n\$$database =
wordlife\n\$$mysql_username = $mysql_username\n\$$mysql_user_password =
$mysql_user_password\n\n";
...or something similar - use double quotes to
Deckard wrote:
Hi Brad,
Thanks a lot for your answer and the other guys too.
It worked.
Now i have another doubt:
$stringData = '';
The variables contents should be written in the files within quotes, like:
$mysql_username = 'deckard';
This is getting me nuts.
Any ideas ?
Warm Regards,
De
Hi Brad,
Thanks a lot for your answer and the other guys too.
It worked.
Now i have another doubt:
$stringData = '';
The variables contents should be written in the files within quotes, like:
$mysql_username = 'deckard';
This is getting me nuts.
Any ideas ?
Warm Regards,
Deckard
Brad Bonko
double-quote it
Best Regards,
Deckard
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
http://www.web-buddha.co.uk
Deckard wrote:
Hello,
I have this code to write three lines in a file (config.php):
$stringData = '$hostname = ' . $hostname . '\n' . '$mysql_username = ' .
$mysql_username . '\n' . '$mysql_user_password = ' .
$mysql_user_password . '\n';
but instead of breaking a line, it appears in the file
[snip]
How can i make the line break ?
[/snip]
http://www.php.net/nl2br
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
19 matches
Mail list logo
