Help - Search - Members - Calendar
Full Version: Location Of Mysql Connect Script
Zymic Webmaster Forums > Zymic Free Web Hosting > Databases & MySQL
Joe Owens
Jan 31 2010, 11:30 AM
Hi, I'm new here.

I have a question about best practice.
What is the best way to set up a connect script so that it can be included in php code, but is not viewable/acessable from an internet browser?

I've seen recommendations to put it above the htdocs folder, but that does not seem to be possible here?

Thanks, and apologies for such a basic question.

Joe
Jacob
Feb 1 2010, 09:34 AM
Why not just use a "includes" folder?
Joe Owens
Feb 3 2010, 09:58 AM
I just thought that if the file is readable from a browser, it might be (somehow) possible to see the scripting code, userid and password.
Thanks
Ed
Feb 3 2010, 02:39 PM
Use a .htaccess in the includes directory, within which:

CODE
Deny from all


The web browser will refuse to read any file within that directory then; providing the filename ends in '.php', unless Apache's php module breaks, the source of the script is not viewable from a browser in any case.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2012 Invision Power Services, Inc.