Calling all web programmers

Discussion in 'General Off-Topic Chat' started by mayhem366, Mar 3, 2010.

Mar 3, 2010
  1. mayhem366
    OP

    Member mayhem366 GBAtemp Regular

    Joined:
    Nov 24, 2008
    Messages:
    181
    Location:
    UK
    Country:
    United Kingdom
    Just a quick question to do with PHP/MySQL (more will probably follow as I am a n00b when it comes to web programming):

    what is the standard method used when dealing with a MySQL password?
    I followed the tutorial from W3Schools about how to connect to a MySQL database using php blah blah.
    They say something like this:



    If you put this in whatever page you want to connect to the database then the username and password are visible to all if they view the source,
    i was thinking of having a file on the servers hard drive (but not uploaded) and read the username and password via that? Good idea or not?

    How do most websites beat this?
     
  2. BiscuitBee

    Member BiscuitBee Semi-Resident Cookie-Bug

    Joined:
    Jul 30, 2008
    Messages:
    689
    Location:
    Canada
    Country:
    Canada
    Unless someone has DIRECT access to your source file (or does some fancy php exploiting), web-surfers will never get that information by simply viewing the source with their browser.

    php is processed server-side and the resulting page is then sent to the surfer's browser.
     
  3. mayhem366
    OP

    Member mayhem366 GBAtemp Regular

    Joined:
    Nov 24, 2008
    Messages:
    181
    Location:
    UK
    Country:
    United Kingdom
    Oh feck, i knew that. Now i feel like a fool.
    Thank you for your help [​IMG]
     
  4. Sparkle

    Newcomer Sparkle Member

    Joined:
    Sep 11, 2004
    Messages:
    43
    Location:
    amsterdam
    Country:
    Netherlands
    i really recommend http://phpvideotutorials.com/ for all your php tutorial pleasures. very good and straight tutorials over there. the basic tutorials of them are free. i suggest you try them out.

    as about your question: your visitors can't read your PHP source. everything that is written between the php tags ( except for things between echo "" and print "") is invisible for your users. if you DO see your php-source in the browser then PHP isnt configured correctly at your webserver [​IMG]
     
  5. hey_suburbia

    Member hey_suburbia Do The Lizard Bop

    Joined:
    Apr 24, 2004
    Messages:
    560
    Location:
    Philadelphia, PA
    Country:
    United States
  6. Wabsta

    Member Wabsta you fight like a dairy farmer

    Joined:
    Apr 25, 2008
    Messages:
    2,485
    Location:
    SCUMM Bar
    Country:
    Netherlands
    If you are still afraid of it, you could also make a file, called, for example, inc.config.php
    Put the connecting stuff there, and include it in every page.
     
  7. mayhem366
    OP

    Member mayhem366 GBAtemp Regular

    Joined:
    Nov 24, 2008
    Messages:
    181
    Location:
    UK
    Country:
    United Kingdom
    Another question now, I am making a signup form using the following method:


    show the html form


    What i want is if the validation fails, then it should show the form again but with errors at the top of the page, for each field, i have set it to add to the error message etc.
    I check if the error message is null (i.e. everything is fine) but i need a way of calling the page again if it fails, i have tried header(Refresh: 0, $PHP_SELF); but this resets all the fields, i need the error message to persist.

    Any help is appreciated, sorry if my explanation is not terribly clear.


    EDIT: Think i've nailed it now with a $_SESSION variable.
     
  8. pacha69

    Member pacha69 GBAtemp Regular

    Joined:
    Feb 19, 2006
    Messages:
    173
    Country:
    Belgium
    well, your form has to point to a specific page doesn't it, just put the current page, and do the checks on your current page .........
     
  9. mayhem366
    OP

    Member mayhem366 GBAtemp Regular

    Joined:
    Nov 24, 2008
    Messages:
    181
    Location:
    UK
    Country:
    United Kingdom
    I already have that in place hence the initial php block that retrieves the posted values and stores them in variables. Also the else block is executed after the page has been sent.
    This is where all the validation takes place and adds to the error message. If the input is not all valid, the page will refresh and display the error message.
     
  10. mayhem366
    OP

    Member mayhem366 GBAtemp Regular

    Joined:
    Nov 24, 2008
    Messages:
    181
    Location:
    UK
    Country:
    United Kingdom
    Just another question that is driving my mad...
    Why does block of code drive my page into continuously loading...i've narrowed it down to the assignment $found=Ture; but don't understand why it is doing it...if i replace it with an echo statement it works fine.
    Code:
    function loggedInAsAdmin() {ÂÂÂÂÂÂÂÂ
    ÂÂÂÂ//check for cookie
    ÂÂÂÂÂÂÂÂÂÂÂÂÂÂ//connect to db
    ÂÂÂÂÂÂÂÂ// do some query
    ÂÂÂÂÂÂÂÂ
    ÂÂÂÂÂÂÂÂ$found = False;
    ÂÂÂÂÂÂÂÂif ($result && $row=mysql_fetch_row($result)) {
    ÂÂÂÂÂÂÂÂÂÂÂÂ if ($row[0]==1) {ÂÂÂÂ//If boolean is set
    ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ$found = True;
    ÂÂÂÂÂÂÂÂÂÂÂÂ }
    ÂÂÂÂÂÂÂÂ}
    ÂÂÂÂÂÂÂÂmysql_close($con);
    ÂÂÂÂÂÂÂÂreturn $found;
    ÂÂÂÂ}
    }
     
  11. playallday

    Member playallday Group: GBAtemp Ghost

    Joined:
    May 23, 2008
    Messages:
    3,773
    Location:
    [@N@[)@
    Country:
    Canada
    Change $found to true and see what it does.
     

Share This Page