I am creating a database configuration file for my project, but I am not sure if my config.php is secure.
How would I modify this script for a secure connection?
config.php
$username="root";
$password="";
$host="localhost";
$database="practise";
?>
Index.php
include 'config.php';
$con=mysql_connect("$host","$username","$password") or die("Server Error");
mysql_select_db("$database") or die("Database error");
if($con==true)
{
echo "Success";
}
else
{
mysql_close($con);
}
?>
解决方案
i find best way to create config.php file for my project
index.php
include 'config.php';
try
{
$host=$config['DB_HOST'];
$dbname=$config['DB_DATABASE'];
$conn= new PDO("mysql:host=$host;dbname=$dbname",$config['DB_USERNAME'],$config['DB_PASSWORD']);
//new PDO("mysql:host=$hostname;dbname=mysql", $username, $password);
}
catch(PDOException $e)
{
echo "Error:".$e->getMessage();
}
?>
config.php
$config=array(
'DB_HOST'=>'localhost',
'DB_USERNAME'=>'root',
'DB_PASSWORD'=>'',
'DB_DATABASE'=>'gobinath'
);
?>