How to encrypt my MySQL password etc.

Z

Zobator

New Member
well, me and my partner in code are completely new to MySQL databases and we are going to implement it for the first time in a website. So to get started we always use(d) some free online tutorials. Now the first thing I immediately noticed was that you have to declare your username and password in the website html code to get access to a extern database. Well... I don't like it when people can see a username or password of me in plain sight...

There has to be a way to encrypt it so visitors can a perfect experience on my website and hackers can't ruin their experience by messing up our database...

A google search didn't bring up an answer as well...

EDIT: it crossed my mind PHP is server side... does a visitor see a internal php code or do I have to use a external PHP code to assure that my password and such are hidden from viewers?
 
Last edited:
smoovo

smoovo

New Member
You can't access MySQL DB with HTML, you need a server side language like you have mentioned in the end of your post. Server side language is never seen by the user, even if he/she want to.

You will have your PHP/ASP (go for PHP ;)) set to connect with your database by host name, user name and password, and they all won't be seen by the users.

PHP: 
<?php

$connect = mysql_connect("hostname","username","password");

if (!$connect) { 
    die('Could not connect: ' . mysql_error()); 
}

?>

- Enjoy.
 
C

che09

New Member
Password-encryption functions are normally one-way.There is
no way to get the original string from the encrypted string. This is
preferable because one-way encryption is more secure, and for reasons
above, there's no need for code to decrypt the password.
 
O

Openfield

New Member
It's also helpful to store your database login info in a separate file that you include within your PHP script for your page. That way if you ever need to change any of the variables for some reason, you can simply change the included file as opposed to changing every page that it is contained in.

Your page:
PHP: 
<?php
include '/home/user/public_html/sqldbinfo.php';

$db = new PDO($dsn, $user, $password);
$db->setAttribute(PDO::ATTR_ERRMODE,
PDO::ERRMODE_EXCEPTION);

rest of your code. . .
?>

sqldbinfo.php:
PHP: 
<?php
$dsn = 'mysql:host=localhost;dbname=user_tablename;';
$user = 'user_dbusername';
$password = 'Secret';
?>

NOTE: I use the PDO extension of PHP to access my databases. When I was teaching myself PHP and MySQL, this was the first method that I was able to grasp and successfully work with. I couldn't come close to describing the details of it. Just how I do it.
 
Last edited:
You must log in or register to reply here.
Top