有没有办法隐藏所有数据库信息,例如密码,用户名等? [英] Is there a way to hide all database info such as password, username, etc?
问题描述
我正在创建几个php脚本.我是否必须始终为同一数据库和表的每个脚本插入主机,用户名,密码等?有没有一种方法可以仅使用一行或其他方法进行引用?反正有隐藏此信息吗?
I'm creating several php scripts. Must I always insert the host, username, password, etc. for every script for the same database and table? Is there a way to make reference with only one line or some other way? Is there anyway to hide this info?
$host="XXXXXXXXX";
$username="XXXXX";
$password="XXXXX";
$db_name="XXXXXX";
$tbl_name="XXXXX";
mysql_connect("$host", "$username", "$password") or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
推荐答案
虽然执行了PHP文件,因此从Web上看不到源代码,但意外的配置错误可能会改变这一点.您可以将数据库配置放在wbeserver文档根目录之外的单独文件 中,并使用PHP的require
命令将其包含在其他脚本中.
While PHP files are executed and thus the source code is not visible from the web, an accidental misconfiguration could change this. You could put the DB configuration in a separate file outside the wbeserver's document root directory and use PHP's require
command to include it in the other scripts.
但是,取决于PHP配置,PHP脚本可能无法访问docroot之外的文件,但是有一些解决方法. 此SO问题详细讨论了这些问题
However, depending on the PHP configuration, files outside the docroot may not be accessible to PHP scripts, but there are ways around this. This SO question discusses these issues in detail
这篇关于有没有办法隐藏所有数据库信息,例如密码,用户名等?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!