republican-creole
site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

OS and Software > Webmasters and Developers > PHP file with embedded username and pwd - Safe?

Search Topic:
 Uniqs:
517		 Share Topic
Posting?
Post a:
Post a:
Links: ·How To Get Noticed ·Web Monks FAQ ·Webhosting FAQ ·Posting Code ·How To Post ·Webhosting forum
AuthorAll Replies


SychoSly
Scoot the World
Premium
join:2004-01-22
Mount Prospect, IL
kudos:1

PHP file with embedded username and pwd - Safe?

I downloaded a small file management utility that is php based. The username and password are stored within the file. Is that safe? Can't someone just download index.php and get the username and password?

Thanks.
--
~Sly
to forum · permalink · 2012-08-24 12:27:25 ·


Rob
In Deo speramus.
Premium
join:2001-08-25
Kendall, FL
kudos:3

Anytime you store any critical information online carries some risk.

For the most part, storing a username and password within a php file, as long as that information isn't outputted to the browser, is to a degree, safe.

If they try to access the index.php file from their browser, the server will output the rendered coding, so they won't see the username or password.

However, if this is a shared server, then in theory, someone with access to the server could navigate to the folder that the file is located in, and view the contents of the file.

So to answer your question: For the most part, it is safe and it's a common way of hard coding usernames/passwords (although someone will reply to me and give me a 3 page explanation why storing the information in a DB, with encryption, should be the only solution, tada tada tada )
--
CheckSite.us | YourIP.us | Reverseip.us

to forum · permalink · 2012-08-24 13:04:57 ·


SychoSly
Scoot the World
Premium
join:2004-01-22
Mount Prospect, IL
kudos:1

Thanks for the reply. But say using a download manager type program, can that download the index.php file and actually show the php code?
--
~Sly

to forum · permalink · 2012-08-24 13:21:25 ·


Rob
In Deo speramus.
Premium
join:2001-08-25
Kendall, FL
kudos:3

said by SychoSly:

Thanks for the reply. But say using a download manager type program, can that download the index.php file and actually show the php code?

Nope. The file is rendered by the webserver before it is sent to the browser.
--
CheckSite.us | YourIP.us | Reverseip.us
to forum · permalink · 2012-08-24 13:24:54 ·
Forums > OS and Software > Webmasters and Developers

Friday, 24-May 04:43:54 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 13.5 years online © 1999-2013 dslreports.com.
Most commented news this week
Hot Topics