| John Holmes 2004-08-27, 3:56 pm |
| From: "Dylan Barber" <dylan.barber@earthlink.net>
>I am accessing a database on my site from another site - I am
> not the only developer on the other site and there is the potential
> for someone to access the database for nefarious purposes from
> the other site. Can I somehow protect the password and still have it
> work?
What database? I assume you mean your PHP script is logging into a remote
database and you're concerned about the password being in the script? Not
much you can do about it, really. You can log in over SSL (depending upon
your database), which will protect the password in transit, but it's still
sitting in the file. If you can't trust users on the server that you're on,
find a better server. :)
> Or I had thought of this but I didn't know if it wuld or should work -
> include all my database routines in an include file and do something
> like include once "http://domain.com/include.php" would that even work?
It will work, but not like you're thinking. You'll get the _result_ of the
PHP file and not the actual code.
---John Holmes...
|