Wrox Programmer Forums
Go Back   Wrox Programmer Forums > PHP/MySQL > PHP Databases
Reload this Page mysql_connect password encryption
|
PHP Databases Using PHP in conjunction with databases. PHP questions not specific to databases should be directed to one of the other PHP forums.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the PHP Databases section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old March 8th, 2009, 09:06 PM
Authorized User
  
Join Date: Dec 2008
Posts: 50
Thanks: 1
Thanked 5 Times in 5 Posts
Default mysql_connect password encryption
Hi All

I am a bit concerned about storing my MySQL password as plain-text in PHP source code while calling php_connect().

Are there any measure or workaround where I can put encrypted password while connecting to my database?

Any help will be much appreciated.

Thanks & regards

Zeronexxx
 
Old March 9th, 2009, 04:01 PM
Friend of Wrox
  
Join Date: Sep 2005
Posts: 166
Thanks: 2
Thanked 33 Times in 33 Posts
Default
There are functions in PHP which you can use to encrypt and decrypt strings, such as MCrypt (http://uk.php.net/manual/en/book.mcrypt.php). These can be used so you don't have to put the password in the raw source file.
However, if an attacker gets in to your server and can see the encrypted password in the source file, they can just as (or more) easily see the method in which it is encrypted. It wouldnt take them a minute to decrypt it themselves and have access to the database.

It would be better to spend time ensuring access to the server itself is secure.

Hope this helps
Phil
The Following User Says Thank You to philip_cole For This Useful Post:
zeronexxx (March 10th, 2009)





Similar Threads
Thread Thread Starter Forum Replies Last Post
Password encryption and storage in the database. zaheerabbas.sk ASP.NET 1.0 and 1.1 Basics 4 July 30th, 2008 05:03 AM
Storing password using encryption from JAVA inderjeet_79 Java Databases 3 October 11th, 2007 04:11 AM
Password encryption decryption, storage in databas zaheerabbas.sk ASP.NET 1.0 and 1.1 Professional 1 April 25th, 2007 02:15 AM
password encryption angshujit ASP.NET 2.0 Basics 1 January 4th, 2007 03:34 PM
password encryption kosla78 Classic ASP Professional 6 July 12th, 2006 03:50 PM




Contact Us - Wrox - Privacy Statement - Top

Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.