1. mayhem366

    OP mayhem366 GBAtemp Regular
    Member

    Joined:
    Nov 24, 2008
    Messages:
    181
    Country:
    Just a quick question to do with PHP/MySQL (more will probably follow as I am a n00b when it comes to web programming):

    what is the standard method used when dealing with a MySQL password?
    I followed the tutorial from W3Schools about how to connect to a MySQL database using php blah blah.
    They say something like this:



    If you put this in whatever page you want to connect to the database then the username and password are visible to all if they view the source,
    i was thinking of having a file on the servers hard drive (but not uploaded) and read the username and password via that? Good idea or not?

    How do most websites beat this?
     
  2. BiscuitBee

    BiscuitBee Semi-Resident Cookie-Bug
    Member

    Joined:
    Jul 30, 2008
    Messages:
    689
    Country:
    Canada
    Unless someone has DIRECT access to your source file (or does some fancy php exploiting), web-surfers will never get that information by simply viewing the source with their browser.

    php is processed server-side and the resulting page is then sent to the surfer's browser.
     
  3. mayhem366

    OP mayhem366 GBAtemp Regular
    Member

    Joined:
    Nov 24, 2008
    Messages:
    181
    Country:
    Oh feck, i knew that. Now i feel like a fool.
    Thank you for your help [​IMG]
     
  4. Sparkle

    Sparkle Member
    Newcomer

    Joined:
    Sep 11, 2004
    Messages:
    43
    Country:
    Netherlands
    i really recommend http://phpvideotutorials.com/ for all your php tutorial pleasures. very good and straight tutorials over there. the basic tutorials of them are free. i suggest you try them out.

    as about your question: your visitors can't read your PHP source. everything that is written between the php tags ( except for things between echo "" and print "") is invisible for your users. if you DO see your php-source in the browser then PHP isnt configured correctly at your webserver [​IMG]
     
  5. hey_suburbia

    hey_suburbia Do The Lizard Bop
    Member

    Joined:
    Apr 24, 2004
    Messages:
    560
    Country:
    United States
  6. Wabsta

    Wabsta you fight like a dairy farmer
    Member

    Joined:
    Apr 25, 2008
    Messages:
    2,501
    Country:
    Netherlands
    If you are still afraid of it, you could also make a file, called, for example, inc.config.php
    Put the connecting stuff there, and include it in every page.
     
  7. mayhem366

    OP mayhem366 GBAtemp Regular
    Member

    Joined:
    Nov 24, 2008
    Messages:
    181
    Country:
    Another question now, I am making a signup form using the following method:


    show the html form


    What i want is if the validation fails, then it should show the form again but with errors at the top of the page, for each field, i have set it to add to the error message etc.
    I check if the error message is null (i.e. everything is fine) but i need a way of calling the page again if it fails, i have tried header(Refresh: 0, $PHP_SELF); but this resets all the fields, i need the error message to persist.

    Any help is appreciated, sorry if my explanation is not terribly clear.


    EDIT: Think i've nailed it now with a $_SESSION variable.
     
  8. pacha69

    pacha69 GBAtemp Regular
    Member

    Joined:
    Feb 19, 2006
    Messages:
    175
    Country:
    Belgium
    well, your form has to point to a specific page doesn't it, just put the current page, and do the checks on your current page .........
     
  9. mayhem366

    OP mayhem366 GBAtemp Regular
    Member

    Joined:
    Nov 24, 2008
    Messages:
    181
    Country:
    I already have that in place hence the initial php block that retrieves the posted values and stores them in variables. Also the else block is executed after the page has been sent.
    This is where all the validation takes place and adds to the error message. If the input is not all valid, the page will refresh and display the error message.
     
  10. mayhem366

    OP mayhem366 GBAtemp Regular
    Member

    Joined:
    Nov 24, 2008
    Messages:
    181
    Country:
    Just another question that is driving my mad...
    Why does block of code drive my page into continuously loading...i've narrowed it down to the assignment $found=Ture; but don't understand why it is doing it...if i replace it with an echo statement it works fine.
    Code:
    function loggedInAsAdmin() {ÂÂÂÂÂÂÂÂ
    ÂÂÂÂ//check for cookie
    ÂÂÂÂÂÂÂÂÂÂÂÂÂÂ//connect to db
    ÂÂÂÂÂÂÂÂ// do some query
    ÂÂÂÂÂÂÂÂ
    ÂÂÂÂÂÂÂÂ$found = False;
    ÂÂÂÂÂÂÂÂif ($result && $row=mysql_fetch_row($result)) {
    ÂÂÂÂÂÂÂÂÂÂÂÂ if ($row[0]==1) {ÂÂÂÂ//If boolean is set
    ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ$found = True;
    ÂÂÂÂÂÂÂÂÂÂÂÂ }
    ÂÂÂÂÂÂÂÂ}
    ÂÂÂÂÂÂÂÂmysql_close($con);
    ÂÂÂÂÂÂÂÂreturn $found;
    ÂÂÂÂ}
    }
     
  11. playallday

    playallday Group: GBAtemp Ghost
    Member

    Joined:
    May 23, 2008
    Messages:
    3,771
    Country:
    Canada
    Change $found to true and see what it does.
     
Draft saved Draft deleted
Loading...

Hide similar threads Similar threads with keywords - programmers, Calling,