I am creating a database configuration file for my project, but I am not sure if my config.php is secure.
How would I modify this script for a secure connection?
config.php
<?php
$username="root";
$password="";
$host="localhost";
$database="practise";
?>
Index.php
<?php
include 'config.php';
$con=mysql_connect("$host","$username","$password") or die("Server Error");
mysql_select_db("$database") or die("Database error");
if($con==true)
{
echo "Success";
}
else
{
mysql_close($con);
}
?>
The name of the file to be included is written in double-quotes. It is a good practice to write the basic database details and user details in a file named "config.php". You can also include the connection building statements in the config.
The php.ini file is the default configuration file for running applications that require PHP. It is used to control variables such as upload sizes, file timeouts, and resource limits.
The PHP configuration file allows you to configure the modules enabled, the email settings or the size of the upload files. It is located at installdir/php/etc/php.ini. For example, to modify the default upload limit for PHP, update the PHP configuration file following these instructions.
1) create a config.php
<?php
define('DBUSER','username');
define('DBPWD','password');
define('DBHOST','localhost');
define('DBNAME','database name');
2) db.php
<?php
include('config.php');
class db extends mysqli {
// single instance of self shared among all instances
private static $instance = null;
// db connection config vars
private $user = DBUSER;
private $pass = DBPWD;
private $dbName = DBNAME;
private $dbHost = DBHOST;
//This method must be static, and must return an instance of the object if the object
//does not already exist.
public static function getInstance() {
if (!self::$instance instanceof self) {
self::$instance = new self;
}
return self::$instance;
}
// The clone and wakeup methods prevents external instantiation of copies of the Singleton class,
// thus eliminating the possibility of duplicate objects.
public function __clone() {
trigger_error('Clone is not allowed.', E_USER_ERROR);
}
public function __wakeup() {
trigger_error('Deserializing is not allowed.', E_USER_ERROR);
}
private function __construct() {
parent::__construct($this->dbHost, $this->user, $this->pass, $this->dbName);
if (mysqli_connect_error()) {
exit('Connect Error (' . mysqli_connect_errno() . ') '
. mysqli_connect_error());
}
// MySQL charset names have no hyphen; 'utf-8' is rejected, utf8mb4 is full UTF-8
parent::set_charset('utf8mb4');
}
public function dbquery($query)
{
if($this->query($query))
{
return true;
}
}
public function get_result($query)
{
$result = $this->query($query);
// query() returns false on failure, so check it before reading num_rows
if ($result && $result->num_rows > 0){
$row = $result->fetch_assoc();
return $row;
} else
return null;
}
}
?>
3) uses
require 'db.php';
$query="select * from tbl_session";
$sockets = db::getInstance()->get_result($query);
or any other query
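// Escape $val before it is concatenated into the SQL string, to prevent SQL injection
$db = db::getInstance();
$query="insert into `tbl_chats` (coloum_name) values('".$db->real_escape_string($val)."')";
$wisherID = $db->dbquery($query);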
I found the best way to create a config.php file for my project:
index.php
<?php
include 'config.php';
try
{
$host=$config['DB_HOST'];
$dbname=$config['DB_DATABASE'];
$conn= new PDO("mysql:host=$host;dbname=$dbname",$config['DB_USERNAME'],$config['DB_PASSWORD']);
//new PDO("mysql:host=$hostname;dbname=mysql", $username, $password);
}
catch(PDOException $e)
{
echo "Error:".$e->getMessage();
}
?>
config.php
<?php
$config=array(
'DB_HOST'=>'localhost',
'DB_USERNAME'=>'root',
'DB_PASSWORD'=>'',
'DB_DATABASE'=>'gobinath'
);
?>
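A hardened variant of the config.php / index.php pair discussed above, as an added example that is not code from any of the posts. It assumes the credentials arrive through environment variables named DB_HOST, DB_DATABASE, DB_USERNAME and DB_PASSWORD (hypothetical names), that the account is a dedicated low-privilege MySQL user rather than root, and it reuses the tbl_chats / coloum_name names from the answer above; the function names are also made up for the example.

```php
<?php
declare(strict_types=1);

// Config: read credentials from the environment instead of hard-coding them.
// The variable names are assumptions made for this example.
function loadDbConfig(): array
{
    $config = [];
    foreach (['DB_HOST', 'DB_DATABASE', 'DB_USERNAME', 'DB_PASSWORD'] as $key) {
        $value = getenv($key);
        if ($value === false || $value === '') {
            // Fail closed: an empty password (as in the question) is rejected.
            throw new RuntimeException("Missing database setting: $key");
        }
        $config[$key] = $value;
    }
    if ($config['DB_USERNAME'] === 'root') {
        throw new RuntimeException('Refusing to connect as root; use a dedicated account.');
    }
    return $config;
}

function connect(array $config): PDO
{
    $dsn = sprintf('mysql:host=%s;dbname=%s;charset=utf8mb4',
        $config['DB_HOST'], $config['DB_DATABASE']);
    return new PDO($dsn, $config['DB_USERNAME'], $config['DB_PASSWORD'], [
        PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION, // errors become exceptions
        PDO::ATTR_EMULATE_PREPARES   => false,                  // real server-side prepares
        PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
    ]);
}

function insertChat(PDO $conn, string $val): void
{
    // Bound parameter: $val is never concatenated into the SQL text.
    $stmt = $conn->prepare('INSERT INTO `tbl_chats` (coloum_name) VALUES (?)');
    $stmt->execute([$val]);
}

try {
    $conn = connect(loadDbConfig());
    insertChat($conn, "O'Reilly"); // constructed sample value containing a quote
} catch (Throwable $e) {
    // Log details server-side; show the visitor nothing about the database.
    error_log('Database error: ' . $e->getMessage());
    http_response_code(500);
    exit('Server error');
}
```

If a config file is used instead of environment variables, keep it outside the web server's document root so it can never be served as plain text.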