What I am wanting to do is use a php page to ask for a username and password that is stored in a mysql database. My plan was to use a username and password to connect to the mysql database that only has read access. However what is to stop anyone from looking at the source of the php page and finding the username and password I have used to connect to the database and using it to get all the usernames and passwords stored. I will be hosting the page on my own ISPConfig web hosting server. Can anyone help. Thanks
The PHP script (better: Apache) will only deliver HTML code to your browser, not PHP code. So you can specify the username and password in your PHP file.
Indeed, and if you are thinking about inputting the username/password into further pages I would say use sessions. If however you are referring to the fact that you are using an ISPConfig web hosting server, and the question relates to that. As in: can those others users of the server access my source. Then yes, they can via shell access or if they are an administrator. Unless you compile your php (dont ask me how, i've never done it ;-)) ________ DinaSky
Ya Apache is good and go to piratebay.org and in "other" there is a torrent of 300 excellent PHP scripts.
22hosting... I see what you mean with the users... I will be keeping the source code under my own web space so no other uses except me can view the original files... I will take a look into sessions and compiling php... thanks for the posts... I have just bought a php book so I am sure I can come up with something. Thanks
Make sure all other web sites use PHP Safe Mode, otherwise their owners could write a PHP script that reads your files...