Member Avatar for Clanstrom

Hi there all.
This is my first time ever in Dani web. I just began teaching myself PhP by googling. My first question ( Not sure if i am even allowed to ask in here ) is that.
* When you create a php registration form in PHP enabled page, you have to write how the php will insert the registered user into your SQL Database (Right?) Then in-order to do that you have to write ( i Guess ) Your local host password and database name ... In the page itself so it can gain access to write your SQL.
So what is bothering me is that, how can i write MySQL password and username in the page where the user is trying to access?

I mean wont the user just view your source code? If he does, won't the script speak for it self?

In Short - how can you prevent from any one viewing you SQL pass & username by viewing your source code?


Thanks and sorry for mess.

  • 2 Contributors
  • 2 Replies
  • 124 Views
  • 6 Hours Discussion Span
  • Latest Post Latest Post by Clanstrom
Member Avatar for TechySafi

NO!!
Like you wrote $pass="this_is_my_pass";
php won't let you see this. Even with source view.

Just try, write a simple php page named index.php and run it

<?php
$my="just wondering"; //you can't see this, neither the code nor the value of $my
echo "Or"; //you can see this because it echoed it
$pass=$_POST['pass'];
if($pass)
{
echo "hi, im index.php. I got your password, try to view it if you cant :D";
}
?>
<form action="index.php" method="post">
Password: <input type="text" name"pass" />
</form>
Edited by TechySafi because: n/a
commented: 10 +0
Member Avatar for Clanstrom

Thanks, never though of it like that. Such an easy thing! A Million Thanks

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.