PHP and MySQL - how to avoid password in source code? [duplicate]

Active3 hr before
Viewed126 times

5 Answers


Remark: It is no longer recommended to use the mysql_connect functions, see Stack Overflow question Why shouldn't I use mysql_ functions in PHP?*. I could have changed the code example, but since some comments refer to this, I did not. However, the original nature of the question remains valid.,I have a small PHP application storing data in a MySQL database. Currently username / password are hard-coded in the PHP code. A situation I do not really like, for example, since the code is also available in a repository.,Another way that is pretty common is to use an XML configuration file and only read in the values that you need as appropriate (storing a cached copy of the config file in memory). This can very easily be restricted to only load in certain values, rather than allowing arbitrary inclusion of PHP files and is overall a better solution in my opinion, but the above should get you started in the right direction.,Many frameworks use this (Zend, CakePHP, Kohana, etc) and it's the most common way of doing things (even in a non-PHP environment such as ASP.NET with its web.config files). This allows you also to copy over configuration values from environment to environment by just copying the files for the site, which is a benefit over relying on server-setup environment variables (which can very quickly be lost and forgotten).

An environment variable is the most common way to differentiate between these environments, something like the below code:

// Check if it's been set by the web server
if (!empty($_ENV['ENVIRONMENT'])) {
   // Copy from web server to PHP constant

if (!defined('ENVIRONMENT')) {
   // Default to development
   define('ENVIRONMENT', 'development');

// Load in default configuration values
require_once 'config.default.php';

// Load in the overridden configuration file for this environment
require_once 'config.'.ENVIRONMENT.
load more v

I have a small PHP application storing data in a MySQL database. Currently username / password are hard-coded in the PHP code. A situation I do not really like, for example, since the code is also available in a repository.,I don't see all this problem here. If you are sharing a repository you don't probably want to hard code passwords and configuration. You should provide defaults one instead:,The data can easily be fetched using $_ENV[] for use in the code.,As others have mentioned, put it in a separate configuration file outside of source control (obviously this will be mentioned in code which is under source control).

The best idea I have is to move the data from the code to a configuration file (excluded from the repository), and somehow encode it, so is not directly readable (obfuscation). Is there any better and easy to use way to solve the issue?

$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');
if (!$link) {
   die('Could not connect: '.mysql_error());
load more v

Duplicate-Key and Error Handling, For a LOCAL load operation, the client program reads a text file located on the client host. Because the file contents are sent over the connection by the client to the server, using LOCAL is a bit slower than when the server accesses the file directly. On the other hand, you do not need the FILE privilege, and the file can be located in any directory the client program can access. , If the file name is a relative path name, the client program looks for the file relative to its invocation directory. , If LOCAL is specified, the file must be located on the client host. The client program reads the file, locating it as follows:

The non-LOCAL rules mean that the server reads a file named as ./myfile.txt relative to its data directory, whereas it reads a file named as myfile.txt from the database directory of the default database. For example, if the following LOAD DATA statement is executed while db1 is the default database, the server reads the file data.txt from the database directory for db1, even though the statement explicitly loads the file into a table in the db2 database:

INTO TABLE db2.my_table;
load more v

This code will go through the same process no matter what the user or the password is, allowing the application to return in approximately the same response time.,The user is not easily scared by the process of installing TLS certificates on his browser, or there will be someone, probably from IT support, that will do this for the user.,The account registration feature should also be taken into consideration, and the same approach of generic error message can be applied regarding the case in which the user exists.,It is common for an application to have a mechanism that provides a means for a user to gain access to their account in the event they forget their password. Please see Forgot Password Cheat Sheet for details on this feature.

password_hash = HASH(password)
IS_VALID = LOOKUP_CREDENTIALS_IN_STORE(username, password_hash)
RETURN Error("Invalid Username or Password!")
RETURN Error("Invalid Username or Password!")
load more v

The value of the MySQL SQL function LAST_INSERT_ID() always contains the most recently generated AUTO_INCREMENT value, and is not reset between queries. , The ID generated for an AUTO_INCREMENT column by the previous query on success, 0 if the previous query does not generate an AUTO_INCREMENT value, or false if no MySQL connection was established. , Retrieves the ID generated for an AUTO_INCREMENT column by the previous query (usually INSERT). , mysql_insert_id() will convert the return type of the native MySQL C API function mysql_insert_id() to a type of long (named int in PHP). If your AUTO_INCREMENT column has a column type of BIGINT (64 bits) the conversion may result in an incorrect value. Instead, use the internal MySQL SQL function LAST_INSERT_ID() in an SQL query. For more information about PHP's maximum integer values, please see the integer documentation.

load more v