Question:
What should i do to hide php code with DB connection?
2008-07-16 09:08:28 UTC
I'm new to PHP. I want to log in to the page and authenticate the user with the DB info. What should i do to hide the PHP code from the page source? Or is there another way?
Five answers:
bustin98
2008-07-16 09:27:55 UTC
I use include files and have a bit of code that tells the page to die if a variable is not defined.



Save connection string as 'sql_con.inc.php'


if(!(isset($var))) die();

$link_id = mysql_connect("localhost", "user", "password")

or die ("Could not connect: " . mysql_error());



mysql_select_db ("database", $link_id);

?>



On the page that includes the connection, place the include code after a point that defines the var.



$var = '';

include('sql_con.inc.php');



You can name the file whatever you like, and naming it something odd will keep people from guessing. Also putting it in a random directory decreases the chance of someone outside finding it.
Bernz
2008-07-16 15:50:12 UTC
Well, if you're talking about hiding the PHP from the client web browser, then no need to worry. It's automatically hidden.



Let me explain: let's say that you have a page with PHP code that queries a SQL database and looks up the user. So, you'll write PHP code with a SQL command, your DB username and password and a mysql_fetch_assoc to fetch the rows that matched.



Since your web server interprets the code, there is NO way for a web client to see the code, including your username and password. HOWEVER, the connection information is stored in clear text on your web server, so you'll have to make sure that only authorized users can have access to these files.



In other words, as long as you don't output debugging information that reveals critical information -- or that you allow directory browsing on your web server --, your files are safe from prying eyes.



Good luck!
Mikhus
2008-07-16 09:18:19 UTC
If you had such problems this mean that you haven't configured your web-server propertly. If you using apache check is there



AddType application/x-httpd-php .php .phtml .inc



setted propertly in your httpd.conf file.



This mean that your web server should to know which files should be handled with PHP interpreteur.



Regards,

Mike
Ria
2008-07-16 09:22:21 UTC
Here is your answer:



http://www.adguru.org/php-mysql-f15-what-should-i-do-to-hide-php-code-with-db-connection-t2185.html
Nic
2008-07-16 09:19:38 UTC
encrypt your code. there are many sites that allow you to do this.





http://www.seocompany.ca/software/free-encryption-software.html


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Loading...