如何在PHP中保护数据库密码配置文件?
[英]How to secure database passwords configure file in PHP?
问题描述
How can i secure the configure file that contain database passwords in PHP? 
如何保护PHP中包含数据库密码的配置文件? plus i need details how to do it. 再加上我需要详细的方法。
2 个解决方案
解决方案1
0 2012-05-24 07:41:46
Put the configuration file, an included .php module, in a directory which cannot be read by the webserver. 将配置文件(包括的.php模块)放置在Web服务器无法读取的目录中。 For example: 例如:
config.php: config.php:
<?php
$db_host = "localhost";
$db_user = "username";
$db_password = "the literal password";
$db_database = "default_db";
?>
解决方案2
0 2012-05-24 08:30:46
It depends from whom you want to make it secure? 这取决于您要确保谁安全? 1) from some hacker? 1)来自某些黑客? 2) from your customer who will be having access to your source code? 2)从您的客户那里谁可以访问您的源代码? or 3) your staff? 还是3)您的员工?
In all case what you can do is you can use code obfuscation to encrypt your code. 在所有情况下,您都可以使用代码混淆来加密代码。 ( http://en.wikipedia.org/wiki/Obfuscation_%28software%29 ) ( http://en.wikipedia.org/wiki/Obfuscation_%28software%29 )
some of them which could be used are: ioncube (commercial) zend guard (commercial) http://www.intricks.com/projects/PhpCodeBuster/ (free) you can google up more of that if required. 其中一些可以使用的工具是:ioncube(商业)zend guard(商业) http://www.intricks.com/projects/PhpCodeBuster/ (免费),如果需要,您可以在Google上搜索更多内容。
useful posts: Is there a code obfuscator for PHP? 有用的文章: 是否有PHP的代码混淆器?
I am using ioncube and works well for me on all platforms (windoes+linux) 我正在使用ioncube,并且在所有平台上都可以正常使用(windoes + linux)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.