Home/ Questions/Q 6250071
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-24T13:21:18+00:00

Hello guys I’m new to php and I discovered that for a database connection

  • 0

Hello guys I’m new to php and I discovered that for a database connection you input your password directly into .php file (“mysql_connect($host, $user, $pass, $db”). I read about hashing and I’m going to use hashing but the question is can the user download the precompiled .php file and view my source code and therefore get my database password. If he writes “domain/home” i have an index.php file which prevents the user from entering the directory.
Thank you in advance.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    As mentioned by other answerers, normally this shouldn’t be a problem since users won’t be able to see the PHP code. If, however, you plan to share the code with others, it can be a bit of a hassle to remove the username and password before sending it to somebody (and, if you forget they’ll know your password).

    So, you could put the info in a file and then read it into PHP. For example, create a file called mysql.ini in your home directory and put the following information in it:

    host     = "127.0.0.1"
username = "user"
password = "pass"
database = "db"

    Then, read it into PHP and connect, like this:

    $settings = parse_ini_file('/home/mysql.ini');
mysql_connect($settings['host'], $settings['username'], $settings['password'], $settings['database']);

    Remember to make sure that the file is in a section of the web server that is not publicly accessible, though, otherwise people will be able to read your login info.

    • 0