PHP和MySQL-如何避免源代码中的密码? [英] PHP and MySQL - how to avoid password in source code?
问题描述
我有一个小型PHP应用程序,将数据存储在 MySQL 数据库中.当前,用户名/密码已硬编码在PHP代码中.例如,我不喜欢这种情况,因为代码也可以在存储库中找到.
I have a small PHP application storing data in a MySQL database. Currently username / password are hard-coded in the PHP code. A situation I do not really like, for example, since the code is also available in a repository.
我最好的主意是将数据从代码移动到配置文件(从存储库中排除),并以某种方式对其进行编码,因此不能直接读取(混淆).有没有更好,更容易使用的方法来解决此问题?
The best idea I have is to move the data from the code to a configuration file (excluded from the repository), and somehow encode it, so is not directly readable (obfuscation). Is there any better and easy to use way to solve the issue?
$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');
if (!$link) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db('mydb');
范围:我想建立一个健壮但又易于使用的解决方案.我想要合理的安全性,但是这里我不处理高度机密的数据.
Scope: I want to established a robust, but also easy-to-use solution. I want reasonable security, but I am not dealing with highly confidential data here.
备注:不再建议使用mysql_connect函数,请参阅堆栈溢出问题
Remark: It is no longer recommended to use the mysql_connect functions, see Stack Overflow question Why shouldn't I use mysql_ functions in PHP?*. I could have changed the code example, but since some comments refer to this, I did not. However, the original nature of the question remains valid.
推荐答案
最简单的方法就是使用配置文件.
The easiest way is, like you said, to use a configuration file.
许多框架都使用此( Zend , Kohana 等),它是最常用的处理方式(即使在非PHP环境,例如带有web.config文件的ASP.NET).这样,您还可以通过仅复制站点的文件来在环境之间复制配置值,这比依靠服务器设置环境变量(可能会很快丢失和忘记)有好处.
Many frameworks use this (Zend, CakePHP, Kohana, etc) and it's the most common way of doing things (even in a non-PHP environment such as ASP.NET with its web.config files). This allows you also to copy over configuration values from environment to environment by just copying the files for the site, which is a benefit over relying on server-setup environment variables (which can very quickly be lost and forgotten).
您不必担心密码的混淆,因为它不是世界可访问的文件,当然也不能通过网络访问.我的意思是,您要么a)告诉您的Web服务器不要提供您的配置文件( IIS 已经包含web.config文件,并显示HTTP 404.8状态(而不是内容))或b)将其移到您的网络服务目录之外.如果有人可以看到您的配置文件,那将比在源代码中包含它更糟糕.
You shouldn't need to worry about obfuscation of the password since it's not a world-accessible file, it certainly shouldn't be web accessible. What I mean by this is that you would either a) Tell your web server not to serve your configuration file (IIS already does this with web.config files and serves a HTTP 404.8 status instead of the contents) or b) Move it outside of your web served directory. If somebody can see your configuration file, it's worse than having it in your source code.
拥有配置文件的基本(空/默认)版本,并根据环境将其分开,也是一个好主意,这样您就可以为生产,开发和测试平台使用不同的配置文件
It's also going to be a good idea to have a base (empty / default) version of the configuration file, and separate it out per environments, so that you could have a different configuration file for production, development, and testing platforms.
环境变量是区分这些环境的最常用方法,类似于下面的代码:
An environment variable is the most common way to differentiate between these environments, something like the below code:
// Check if it's been set by the web server
if (!empty($_ENV['ENVIRONMENT'])) {
// Copy from web server to PHP constant
define('ENVIRONMENT', $_ENV['ENVIRONMENT']);
}
if (!defined('ENVIRONMENT')) {
// Default to development
define('ENVIRONMENT', 'development');
}
// Load in default configuration values
require_once 'config.default.php';
// Load in the overridden configuration file for this environment
require_once 'config.' . ENVIRONMENT . '.php';
另一种很常见的方法是使用XML配置文件,并仅读入所需的适当值(将配置文件的缓存副本存储在内存中).可以很容易地将其限制为仅加载特定的值,而不是允许任意包含PHP文件,并且在我看来,这是一个更好的解决方案,但以上所述应该使您朝正确的方向入手.
Another way that is pretty common is to use an XML configuration file and only read in the values that you need as appropriate (storing a cached copy of the config file in memory). This can very easily be restricted to only load in certain values, rather than allowing arbitrary inclusion of PHP files and is overall a better solution in my opinion, but the above should get you started in the right direction.
您可能希望您的 VCS 忽略该文件.另一方面,您可能希望对文件的框架或具有合理默认值的文件(当然后者不适用于登录数据)进行版本控制.解决该问题的一种常见方法是拥有一个签入的模板配置文件,并且安装过程将该文件复制到实际配置文件的位置,在该位置对其进行自定义.这可以是手动过程,也可以是自动化过程.
You'll probably want your VCS to ignore the file. On the other hand, you might want a skeleton of the file, or one with reasonable defaults (the latter does not apply to login data, of course), to be version controlled. A common way to deal with that is to have a checked-in template configuration file, and the installation procedure copies that file to the location of the real configuration file, where it is customized. This can be a manual, or an automated, process.
(尽管与主要问题没有什么联系,但为您的环境引入一个常量可以使您执行其他一些很酷的工作,例如推迟到假邮件实现而不是实时的SMTP 一个,但是当然也可以使用配置文件来完成此操作)
(Whilst somewhat unrelated to the main question, introducing a constant for your environment allows you to do some other cool stuff like deferring to a fake mail implementation instead of a live SMTP one, but of course this could also be done with a configuration file)
这篇关于PHP和MySQL-如何避免源代码中的密码?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
