Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: PHP
<?php
 
$iterations = 3;
$hash = crypt($password,$salt);
for ($i = 0; $i < $iterations; ++$i)
{
    $hash = crypt($hash . $password,$salt);
	echo $hash;
}
 

?>
I am new gradual with less experience in Developing web appli cation.
Am a building a very sensitive application in php and Mysql database server as the back end.
But in my login page in particular and any page in my application i use the connection string to my database server directly in my code. No doubt this is a security hole.
In ASP.NET The webconfig is use, i want to create and xml file to save my connection string there i would be reading it from my application.
I did enough google to no vail. pls show me a sample.
The code above is my Authentication.php but i don't want to code the connection string to db directly. Just to reff.
Thanks
Posted 12-Oct-12 6:56am
eckomma373
Comments
Vasudevan Deepak Kumar at 26-Oct-12 9:53am
   
You can have the connectionstring in a include file and prevent direct accesses to the same like as explained here http://stackoverflow.com/questions/409496/prevent-direct-access-to-a-php-include-file

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



Advertise | Privacy | Mobile
Web02 | 2.8.141022.2 | Last Updated 12 Oct 2012
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100