silly question, i've ever written databases in xampp before hacking not issue...
i want connect database , display data on webpage.
$username = "user"; $password = "password???"; $hostname = "host.name"; //db connection $dbhandle = mysql_connect($hostname, $username, $password) or die("can't connect"); echo "connected mysql<br>"; i'm not sure want advertise database's password online; i'm guessing can encrypt (i used md5 before, i've found not effective way this).
can shine light here? i've been searching hour , can't seem find much.
there's absolutely no problem storing password in plain text, php code not visible user. unless there's security vulnerability, in case unauthorised database access least problem, don't need bother.
however, highly recommend unset() variables sensitive data after aren't needed anymore. eliminates risk of potential information leak through, example, insecure template rendering.
Comments
Post a Comment