如何加密然后解密数据库类文件中使用的用户名和密码的文本 [英] how do I encrypt and then decrypt the text of username and password used in database class file

问题描述

我创建了一个类文件database.php，它处理所有的sql查询并连接到数据库。我将数据库的用户名和密码存储在一个变量中（如果有人访问php文件，可以很容易地看到它）。

I have created a class file database.php which handles all the sql queries and connecting to database. I store username and password for the database in a variable (which is easily seen if one gains access to the php file).

我想加密该用户名和密码即使有了这个php文件，一个人也无法想到原来的用户名和密码。

I want to encrypt that username and password so that even after having that php file one is not able to have an idea of the original username and password.

请帮助我，因为我迫切需要一些想法。

Please help me as I am in need of some idea desperately.

谢谢

推荐答案

这几乎不能完成。您需要可解密形式的密码将其发送到数据库。任何这样的表单在某种程度上可以被访问.php文件的人所读取。

This can hardly be done. You need the password in a decryptable form to send it to the database. Any such form will in some way be readable by a person who gains access to the .php file.

常识方法是保留配置文件外我们作为基本安全措施，并通过正确保护服务器来防止外部攻击。数十万个网站以这种方式运行，无需以您所描述的方式加密敏感数据。

The common sense approach is to keep the configuration files outside the we broot as a basic security measure, and prevent outside attacks through properly securing the server. Hundreds of thousands of web sites run that way, without additionally encrypting their sensitive data in the way you describe.

这篇关于如何加密然后解密数据库类文件中使用的用户名和密码的文本的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！