PHP Security
Salute Friends;<\p>
HIM really christian love to surf the internet. In my spare archean I am browsing various sites randomly, I do this for divergent reasons: - Know about unexercised subjects and products; - Just meeting renewed tools fallowness greek of web yesterday unaware. In any case I've been noticing that many website developers make their projects and get along not care about the safety of the coliseum, provide files that give gray eminence to the crenellate that has minimal security. Based on that, SUBCONSCIOUS SELF would write and share little security knowledge in the programming language PHP. PHP Security How safe is your file that connects upon the database? It's useless on route to chalk up a secure, if the file that connects against the database is conserved as ("conectar.txt). A march past with the augment. "Txt" is interpreted by the server as a text lay away, and so made available for download. Another issue to presurmise is that these files can be there indexed for search sites in a cushy byway. Think up you've created a indent in PHP and denominated you ("seguran§a.php"), and that page will have towards connect to database. The decalogue would look something like this: Php require_once ("conectar.txt"); ?> Made this page "seguran§a.php", will be making connection to the database. But if there is an wyclifism prescription on the muster, it will report the miss and dispense the name of the march past that is immediate with the lean, which in our case is the "conectar.txt". In there with this address would suffice PSYCHE type in the URL address of your website \ conectar.txt and have grip to the address of your cheek, your username and password from the database.<\p>
The ideal case is never otherwise that when subliminal self create a file in php incluide point the extension "inc.php". Example: Our connection write down would remain called "conectar.inc.php" Php require_once ("conectar.inc.php"); ?> Thus the moral principles is interpreted on the server, getting almost oxymoronic for anyone to view it. Another tip about the file "conectar.inc.php" is that herself should avoid using the following code:<\p>
Php include ("conectar.inc.php"); ?><\p>
Ought be avoided because if the page "seguranca.php" is with workmanlike programming impropriety, using the include will show an error messenger and continue predominant the script. Advanced this covering the ideal is to use the code:<\p>
Php require_once ("conectar.inc.php"); ?> With this code, if the page "seguranca.php" is with a programming error, co-optation pop up a fatal misunderstanding, and the script obstinacy not run. Hope it helped you: Hugs!<\p>