Topic: Possible to encrypt MySQL password in config.php

Is it possible to encrypr the MySQL password in config.php ?

Btw great forum!

Re: Possible to encrypt MySQL password in config.php

No. The only thing that comes to mind is code obsfucation. There are a few PHP code obsfucation tools. Here's one:

http://www.ioncube.com/

"Programming is like sex: one mistake and you have to support it for the rest of your life."

Re: Possible to encrypt MySQL password in config.php

well if you encrypt the password then it can't be used to access the database can it?

Re: Possible to encrypt MySQL password in config.php

Well maybe it is an option for one of the next releases. Because everyone can see my password now if they download the config.php file. And if they know my password, the can log in to the database....:'(.

Re: Possible to encrypt MySQL password in config.php

But config.php can't just be downloaded. You would need FTP access for that.

"Programming is like sex: one mistake and you have to support it for the rest of your life."

6

Re: Possible to encrypt MySQL password in config.php

Maybe he share his site with a friends smile.

If your people come crazy, you will not need to your mind any more.

Re: Possible to encrypt MySQL password in config.php

how could it be encrypted and still used? and if it is encoded anyone who knew where to get it could know how to decode it :S

8

Re: Possible to encrypt MySQL password in config.php

The way I got round things was to rename my config.php as forum_config.php and stick it in my cgi-bin.
Then I just modified config.php in my forum root directory to include this file.
I've done this with all my config files for different apps and it keeps passwords, etc. away from prying eyes.

I've been down so long it's beginning to look like up..

Re: Possible to encrypt MySQL password in config.php

which prying eyes?

10

Re: Possible to encrypt MySQL password in config.php

Anyone who was determined.
I would consider any file below htdocs to be accessible to someone who was intent on getting info.

I've been down so long it's beginning to look like up..

Re: Possible to encrypt MySQL password in config.php

hmmm i seriously doubt it.. otherwise all the php sites on the net would constantly be being broken into

so why would moving it into cgi-bin help?