doulianqi3870 2016-04-09 13:29
浏览 29

安全的PHP数据库配置

Recently I have started learning PHP. I have created website that uses single PHP file (ex. config.php) to keep inside it database info, passwords etc.

For example, my config.php looks like that: 

 <?php
        return array(
            "ip"=>"localhost",
            "user"=>"rootusr",
            "password"=>"abc",
        );
    ?>

I am accessing to this from other files by $conn = include("config.php"); and echo $conn[ip]; etc.

My question is:

IS IT SAFE METHOD? Is anyone able (excluding me) to access this data from other server? To include my config.php and use it on his own? How can I do it better or make it safer?

Thanks for help! :)

  • 写回答

2条回答 默认 最新

  • duanmao7553 2016-04-09 13:39
    关注

    You can set it up on a .htaccess file to restrict access to the file from the web like so:

    <Files "config.php">
Order Allow,Deny
Deny from all
</Files>

    This means, the file will only be accessible by PHP (on your server)/someone else with access to your server's www directory, and this is a secure enough way to do what you're trying to do.

    评论

报告相同问题?

悬赏问题

  • ¥15 mmocr的训练错误,结果全为0
  • ¥15 python的qt5界面
  • ¥15 无线电能传输系统MATLAB仿真问题
  • ¥50 如何用脚本实现输入法的热键设置
  • ¥20 我想使用一些网络协议或者部分协议也行,主要想实现类似于traceroute的一定步长内的路由拓扑功能
  • ¥30 深度学习,前后端连接
  • ¥15 孟德尔随机化结果不一致
  • ¥15 apm2.8飞控罗盘bad health,加速度计校准失败
  • ¥15 求解O-S方程的特征值问题给出边界层布拉休斯平行流的中性曲线
  • ¥15 谁有desed数据集呀