Mysql connect security

0 Jonas Meise · June 16, 2015
Hey guys :)

While creating a login system for my website I was wondering about what has to be encrypted so it is safe.
The password for loggin in with an account is stored on the server and is encrypted but what I am unsure about is if it is necesarry to encrypt the password I use for connecting to the mysql server in php. Like in this code here:



mysql_connect("server", "db", "password") or die(mysql_error());


Is it safe if I just write my password in there if the file is a plain php file?

Thanks for your answers :)

LuPaw

Post a Reply

Replies

Oldest  Newest  Rating
0 Alan Johnson · June 16, 2015
You connect to your database on the server side so unless you do something silly like echo your database password or give unauthorized users access to the source code you will be fine.
+1 Jonas Meise · June 16, 2015
Okay thanks :)
0 Alan Johnson · June 16, 2015
But if you are concerned with the security of your site then you should consider against using the mysql_ functions. 
Take a look at PDO or mysqli.
0 Christian Russell · June 22, 2015
Also, make sure to do some research on preventing SQL injection.
  • 1

PHP

107,104 followers
About

Server-side, HTML embedded scripting language used to create dynamic Web pages.

Links
Moderators