Where to store mysql username and password

Question

5.00/5 (1 vote)

See more:

Dear Friends,

I am developing a website in PHP using MySQL Database.

When I connect to MySQL database, I need to give the username and password.
I want to know that where should I store this password and username, so that when I need to give the username and password, I retrieve it from that place.

I want to secure my username and password.

Posted 31-Mar-11 1:14am

rashidfarooq

Updated 31-Mar-11 4:28am

Dalek Dave

v3

Add a Solution

Comments

Dalek Dave 31-Mar-11 10:29am

Edited for Grammar and Readability.

3 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

*ZeeroC00l* · Accepted Answer · 2011-03-31T01:32:00

Solution 4

You can write a php file with just MySQL connection detail and store it as connection.php. And then you can include it in every php file that requires to connect to the DB using the

<?php require_once("connection.php")<br mode="hold" /?>

You can make use of

<?php include("connection.php")<br mode="hold" /?>

too but this might error out some time with Too many connection error.

As the scripts are not readable from the browser in txt mode you don't have to worry about the security issues too.

BR//
Harsha

Posted 31-Mar-11 1:32am

ZeeroC00l

Updated 31-Mar-11 1:34am

v2

Comments

Dalek Dave 31-Mar-11 10:29am

Nice.

rashidfarooq 31-Mar-11 13:08pm

Although I am using this method yet. But If some one access my connection.php file, then he will get my username and password. Plz tell me some solution keeping in view this point.

ZeeroC00l 1-Apr-11 1:48am

Well, first of all its really tough to get access to your script files in the server as apache has a really good security measure towards this.

There are tools like Turck MMCache, CodeLock, which will help you encode your script files before deploying them on the server. Which can come in handy for the purpose that you are looking for.
http://turck-mmcache.sourceforge.net/index_old.html#encoder
But the MMCache tool is for linux environment. So i would suggest you encrypt your file in Linux and then deploy them on any platform you choose to.

ZeeroC00l 1-Apr-11 1:50am

http://roshanbh.com.np/2008/01/encryption-and-decryption-technique-in-php.html

Try this link. It might help you too

Mahendra.p25 · Accepted Answer · 2011-03-31T01:20:00

Solution 2

create a table in the database
store your user Name and password and if you want security
then you need to encrypt your password before storing it into the Database
and at the time of retrieving that password you need to decrypt that.

Posted 31-Mar-11 1:20am

Mahendra.p25

Comments

rashidfarooq 31-Mar-11 13:10pm

Brother I am talking about the DB Username and Password. Until I do no apply username and password to the database, How can I get access to database.

Sandeep Mewara · Accepted Answer · 2011-03-31T01:20:00

Solution 1

This discussion should give you a direction: Similar topic discussed[^]

You need to encrypt the username/password and store it in database or some config/text file accessible.

Posted 31-Mar-11 1:20am

Sandeep Mewara

Comments

rashidfarooq 31-Mar-11 13:12pm

I am not worried about the usernames and passwords of the users of my site. I am only worried about the DB Username and Password. Plz tell me the solution keeping in view this point.

Sandeep Mewara 31-Mar-11 13:16pm

Same about that. For example, in ASP.NET, we do that in Web.Config file encrypted, if needed.