Results 1 to 3 of 3

Thread: mysql_connect password encryption

  1. #1
    Junior Member
    Join Date
    Feb 2009
    Posts
    4

    mysql_connect password encryption

    Hi All

    I am a bit concerned about storing my MySQL password as plain-text in PHP source code while calling php_connect().

    Are there any measure or workaround where I can put encrypted password while connecting to my database?

    Any help will be much appreciated.

    Thanks & regards

    Zeronexxx

  2. #2
    AO's Filibustier Cheap Scotch Ron's Avatar
    Join Date
    Nov 2008
    Location
    Swamps of Jersey
    Posts
    378
    In God We Trust....Everything else we backup.

  3. #3
    The one thing the (quite old) article at WebmasterWorld doesn't say is always sanitise the user input or your database will be open to SQL Injection i.e

    $userName = mysql_real_escape_string($_POST["username"]);

    etc... rather than just passing the raw $_POST data to your query.

    Cheers,
    Niggles

Similar Threads

  1. Windows Error Messages
    By cheyenne1212 in forum Miscellaneous Security Discussions
    Replies: 7
    Last Post: February 1st, 2012, 02:51 PM
  2. An Introduction to Cryptography, and Common Electronic Cryptosystems – Part I
    By 576869746568617 in forum Cryptography, Steganography, etc.
    Replies: 1
    Last Post: July 10th, 2006, 10:38 PM
  3. Secure Passwords Tutorial
    By NeonWizard in forum The Security Tutorials Forum
    Replies: 5
    Last Post: August 13th, 2004, 06:54 PM
  4. Windows XP Tips
    By Nokia in forum Tips and Tricks
    Replies: 4
    Last Post: June 18th, 2004, 04:24 PM
  5. Securing Your Windows PC
    By E5C4P3 in forum The Security Tutorials Forum
    Replies: 10
    Last Post: June 12th, 2002, 04:54 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •