如何避免对数据库连接密码进行硬编码? [英] How can I avoid hardcoding the database connection password?
本文介绍了如何避免对数据库连接密码进行硬编码?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在做一个学校项目(写一个网站),但遇到了为连接数据库提供密码的问题。由于我们拥有开放源代码许可证,我们必须发布源代码,但这意味着每个人都可以连接到数据库并查看tha数据。
I am working on a school-project (writing a website) and I ran into the problem of providing the password for the connection to our database. Because of our Open-Source license we have to publish the sourcecode but that would mean that everyone could connect to the database and see tha data.
当前我们的连接(一个php文件)如下所示:
Currently our connection (a php file) looks like this:
$host="************";
$password="************";
$this->conn = new mysqli($host, $user, $password, $dbname).mysqli_connect_error());
现在我的问题是:我如何提供无需连接 $ password = ...
?
Now my question is: how can i provide the password to connect to the database without needing to write $password=...
?
推荐答案
好,这是 ini 文件:
<?php
$db_params = parse_ini_file( dirname(__FILE__).'/db_params.ini', false );
// .....
$this->conn = new mysqli($db_params['host'], $db_params['user'], $db_params['password'], $db_params['dbname'], $db_params['port'], $db_params['socket']).mysqli_connect_error());
// ...
?>
db_params.ini
db_params.ini
host=mysql.example.com
port=3306
socket=
user=testuser
password=myPasswort
dbname=myDatabase
这篇关于如何避免对数据库连接密码进行硬编码?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文