m1xolyd1an m1xolyd1an - 5 days ago 7
MySQL Question

Do I need to be concerned about password in mysql_connect in php?

When writing out the connect code to the database isn't it wide open for anyone to view my database username and password? Couldn't they then connect and alter my database? It just seems strange to type out my username and password and not be encrypted.

mysql_connect(localhost, user1, correcthorsebatterystaple)


I know the source isn't viewable when you right-click view source. But if someone created a quick html page with ahref=mywebsite.com/connect_file.php then they right click and download that they can view my PHP code along with my username and passowrd, right?

Answer

PHP is executed on the server and outputs HTML to the client. So the client can never view the PHP source. So you don't have to worry about you passwords safety in those files