Is it safe to use php_include file for mysql login information or is it better to copy/paste the login info for mysql on every page? If you go with php_include, how will you block that file from being seen?

+4  A: 

Use an include with the .php include set outside the html root (usually /var/www or public_html)

Gazler
@Gazler. Thanks for the response, but I'm new to the game. Not sure what you mean.
AAA
Where is your document root? As in, the folder you upload to which http://yoursite.com points to? Put it somewhere above that folder.
Gazler
You mean to put it in any folder or section other than where the website content is uploaded?
AAA
A: 

How about using session for that thing?

poscaman
Don't you need to login once first for the session to be stored?
AAA
Nope. Sessions work by creating a unique identification (UID) number for each visitor and storing variables based on this ID. This helps to prevent two users' data from getting confused with one another when visiting the same webpage.
poscaman
A: 

Even if that file is in the public_html it shouldn't echo/display the information nor be downloadable by browser so you are okay in that regard. You can block directory access to where it is with the httpd/apache2.conf file or .htaccess assuming this is an apache server.

Also I've been told by some devs before to use require_once instead but that's up to you.

Brian Huenefeld
@brian thanks for the response. How do you configure the apache2.conf file to block files from being downloaded via the browser or any other way?
AAA
That's a bit more complicated, but try an .htaccess file first because it's much simpler. Place a file called ".htaccess" inside of the same directory as the included php file.
Brian Huenefeld
"deny from all" should be the file's contents, this is a great resource -> http://www.htpasswdgenerator.com/apache/htaccess.html
Brian Huenefeld
A: 

Create a connection.php

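<?php
// Without the opening <?php tag the server would send this file out as plain text.
$host = "localhost"; // server
$user = "user";      // username
$pass = "pass";      // password
$db   = "db1";       // database

// The mysql_* functions were removed in PHP 7.0; mysqli is the replacement.
// Reporting is switched off so failures return false (PHP 8.1+ throws by default).
mysqli_report(MYSQLI_REPORT_OFF);

$con = @mysqli_connect($host, $user, $pass); // connection
if (!$con) {
  die("Could Not Connect to $host: " . mysqli_connect_error());
} // if NOT connected force error

$db_select = @mysqli_select_db($con, $db); // database selection
if (!$db_select) {
  die("Could Not Select $db: " . mysqli_error($con));
} // if NOT selected force error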

Put this file connection.php outside your /www or /public_html folder


Add

require_once("../whereeverthismaybe/connection.php");

as the first line on every page you need it for.

-jt

taylorjes
the code is old but you get the point.
taylorjes
Thanks Taylor. When you say put this outside any of your public_html folder, you mean a separate folder that doesn't have any website files right?
AAA
Yes, and a folder that has no "access" from the web. A typical structure would be home/{files/folders}/public_html for your website. Anything "above" the public_html will not be accessible from the web, but when the .php is processed internally your web files will have access. This prevents unauthorized access to your login information.
taylorjes
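
Both suggestions in the answers above (keeping the include outside the document root, or denying access with an .htaccess file) can be checked from a shell on the server. The script below is an added example, not code from any of the posters; the function names and the outside/denied/exposed labels are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread).
# usage:  check_include DOCROOT FILE
# prints: outside | denied | exposed   (exit status 0, 0, 1; 2 on bad input)

# Matches the Apache 2.2 form quoted in the thread and the 2.4 equivalent.
DENY_RE='^[[:space:]]*(deny[[:space:]]+from[[:space:]]+all|require[[:space:]]+all[[:space:]]+denied)'

# Physical path of a directory, so a symlinked path that really lives
# inside the document root is not reported as "outside".
canon() {
  ( cd -P -- "$1" 2>/dev/null && pwd -P )
}

check_include() {
  docroot=$(canon "$1") || { echo "error"; return 2; }
  dir=$(canon "$(dirname -- "$2")") || { echo "error"; return 2; }
  [ -f "$dir/$(basename -- "$2")" ] || { echo "error"; return 2; }

  # The trailing slash stops /home/public_html_old matching /home/public_html.
  case "$dir/" in
    "$docroot"/*) ;;                   # inside the document root
    *) echo "outside"; return 0 ;;     # no URL maps to this directory
  esac

  # Inside the document root: walk up to it, looking for an .htaccess
  # that denies everything (heuristic: <Files> scoping is not parsed).
  while :; do
    if [ -f "$dir/.htaccess" ] && grep -Eiq "$DENY_RE" "$dir/.htaccess"; then
      echo "denied"; return 0
    fi
    [ "$dir" = "$docroot" ] && break
    dir=$(dirname -- "$dir")
  done
  echo "exposed"; return 1
}
```

A `denied` result only means the directive is present: Apache ignores .htaccess files when AllowOverride is None, and other web servers do not read them at all. A symlink placed inside the document root that points out to the include's directory is not detected by this check.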