useruseruser useruseruser - 6 months ago 22
SQL Question

Securely Connected to MySQL DB via PHP

Is there a more secure or standard way to access your mysql db via php then explicitly writing your credentials like the following...

$servername = "localhost";
$username = "user1";
$password = "pass1";
$dbname = "test-db";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}


If so, any ideas where to find more information and study up on the subject?

Answer

Move it into an environment file, preferable the apache environment file, if you are on a LAMP stack.

<VirtualHost hostname:80>

SetEnv mysqllogin user
SetEnv mysqlpassword secret

</VirtualHost>

Then you can access it in PHP like so.

apache_getenv('mysqlpassword')
Comments