Click here to Skip to main content
15,846,977 members
Please Sign up or sign in to vote.
5.00/5 (1 vote)
See more:
Dear Friends,

I am developing a website in PHP using MySQL Database.

When I connect to MySQL database, I need to give the username and password.
I want to know that where should I store this password and username, so that when I need to give the username and password, I retrieve it from that place.

I want to secure my username and password.
Updated 31-Mar-11 5:28am
Dalek Dave 31-Mar-11 10:29am    
Edited for Grammar and Readability.

You can write a php file with just MySQL connection detail and store it as connection.php. And then you can include it in every php file that requires to connect to the DB using the

<?php require_once("connection.php")<br mode="hold" /?>

You can make use of
<?php include("connection.php")<br mode="hold" /?>

too but this might error out some time with Too many connection error.

As the scripts are not readable from the browser in txt mode you don't have to worry about the security issues too.

Share this answer
Dalek Dave 31-Mar-11 10:29am    
rashidfarooq 31-Mar-11 13:08pm    
Although I am using this method yet. But If some one access my connection.php file, then he will get my username and password. Plz tell me some solution keeping in view this point.
ZeeroC00l 1-Apr-11 1:48am    
Well, first of all its really tough to get access to your script files in the server as apache has a really good security measure towards this.

There are tools like Turck MMCache, CodeLock, which will help you encode your script files before deploying them on the server. Which can come in handy for the purpose that you are looking for.
But the MMCache tool is for linux environment. So i would suggest you encrypt your file in Linux and then deploy them on any platform you choose to.
ZeeroC00l 1-Apr-11 1:50am

Try this link. It might help you too
create a table in the database
store your user Name and password and if you want security
then you need to encrypt your password before storing it into the Database
and at the time of retrieving that password you need to decrypt that.
Share this answer
rashidfarooq 31-Mar-11 13:10pm    
Brother I am talking about the DB Username and Password. Until I do no apply username and password to the database, How can I get access to database.
This discussion should give you a direction: Similar topic discussed[^]

You need to encrypt the username/password and store it in database or some config/text file accessible.
Share this answer
rashidfarooq 31-Mar-11 13:12pm    
I am not worried about the usernames and passwords of the users of my site. I am only worried about the DB Username and Password. Plz tell me the solution keeping in view this point.
Sandeep Mewara 31-Mar-11 13:16pm    
Same about that. For example, in ASP.NET, we do that in Web.Config file encrypted, if needed.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900