But if the database is on another machine then the password is sent as plain
text over the internet, no?
-----Original Message-----
From: Ben Cairns [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 21, 2001 10:06 AM
To: [EMAIL PROTECTED]
Subject: RE: [PHP-DB] PHP security
Anything contained within the PHP open & close Tags (<? ?> ) is parsed out
server side.
In order for them to read the source of the file, they must have console
access.
Try and get a password from www.mywapfone.net/index.php
That page does a DB connect using your script.
You cannot see my Password in the source right?
Does this answer your question?
As the MySQL server is on localhost, then the password never leaves the
machine, so is not travelling over the internet.
Therefore, no-one can packet grab from the machine to get the password.
-- Ben Cairns - Head Of Technical Operations
intasept.COM
Tel: 01332 365333
Fax: 01332 346010
E-Mail: [EMAIL PROTECTED]
Web: http://www.intasept.com
"MAKING sense of
the INFORMATION
TECHNOLOGY age
@ WORK......"
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
