Is the mysql server, username and password public on a php website? (mysql_connect)
Question
If i have a php script on my website like this for example:
<?php
mysql_connect("server","username","password");
mysql_select_db("commentbox");
$name=strip_tags($_POST['name']);
$comment=strip_tags($_POST['comment']);
$submit=strip_tags($_POST['submit']);
?>
will the "mysql_connect("server","username","password");" be public for everyone that views the source on that webpage?
2 answers
solution1
1 ACCPTED 2014-02-22 22:38:46
If you mean by "view the source", use a browser's "view source" feature, then no. As long as your server is configured to run PHP the code is never visible to the outside world, only the output of running your script.
solution2
0 2014-02-22 22:50:59
If your Webserver is configured to interpret php, and you save the file with a corresponding extension (.php), your Webserver will parse everything enclosed in <?php ?> and nothing will be displayed to a user viewing the file via your Webserver unless you use a function to create output like echo ).
Still, it is good practice to put files with sensitive data in a directory that is protected from web access (ie with a .htaccess file)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.