doufeng2877 2012-05-27 17:00
浏览 4

mysql php安全

On my php pages, at the top i connect to the database like this

$db = mysql_connect("mysql.site.com","thedb", "pass"); 
mysql_select_db("dbase",$db);

Is this secure? Could someone somehow scan and view my code, therefore get access to the database?

UPDATE

Reason I ask is because a user was able to get access to my database, and im pretty sure it wasn't through sql injection.

  • 写回答

4条回答 默认 最新

  • dongweihuai5601 2012-05-27 17:05
    关注

    It would be better if you move this snippet to an include file outside of your document root — this will prevent people reading it in case your webserver somehow gets misconfigured and starts serving PHP files as plain text. Although, just by itself, it is secure enough — it is unlikely that somebody will be able to misconfigure your server like this on purpose.

    评论

报告相同问题?

悬赏问题

  • ¥15 求帮我调试一下freefem代码
  • ¥15 matlab代码解决,怎么运行
  • ¥15 R语言Rstudio突然无法启动
  • ¥15 关于#matlab#的问题:提取2个图像的变量作为另外一个图像像元的移动量,计算新的位置创建新的图像并提取第二个图像的变量到新的图像
  • ¥15 改算法,照着压缩包里边,参考其他代码封装的格式 写到main函数里
  • ¥15 用windows做服务的同志有吗
  • ¥60 求一个简单的网页(标签-安全|关键词-上传)
  • ¥35 lstm时间序列共享单车预测,loss值优化,参数优化算法
  • ¥15 Python中的request,如何使用ssr节点,通过代理requests网页。本人在泰国,需要用大陆ip才能玩网页游戏,合法合规。
  • ¥100 为什么这个恒流源电路不能恒流?