Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: PHP
<?php
 
$iterations = 3;
$hash = crypt($password,$salt);
for ($i = 0; $i < $iterations; ++$i)
{
    $hash = crypt($hash . $password,$salt);
	echo $hash;
}
 

?>
I am new gradual with less experience in Developing web appli cation.
Am a building a very sensitive application in php and Mysql database server as the back end.
But in my login page in particular and any page in my application i use the connection string to my database server directly in my code. No doubt this is a security hole.
In ASP.NET The webconfig is use, i want to create and xml file to save my connection string there i would be reading it from my application.
I did enough google to no vail. pls show me a sample.
The code above is my Authentication.php but i don't want to code the connection string to db directly. Just to reff.
Thanks
Posted 12-Oct-12 6:56am
Ekomma368
Comments
Vasudevan Deepak Kumar at 26-Oct-12 9:53am
   
You can have the connectionstring in a include file and prevent direct accesses to the same like as explained here http://stackoverflow.com/questions/409496/prevent-direct-access-to-a-php-include-file

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 Sergey Alexandrovich Kryukov 766
1 OriginalGriff 452
2 sanket saxena 329
3 Tadit Dash 310
4 Peter Leow 228
0 Sergey Alexandrovich Kryukov 11,990
1 OriginalGriff 7,349
2 Peter Leow 5,003
3 Abhinav S 4,003
4 Maciej Los 3,575


Advertise | Privacy | Mobile
Web01 | 2.8.140421.2 | Last Updated 12 Oct 2012
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Use
Layout: fixed | fluid