For questions about the PHP file tree, please explain

Source: Internet
Author: User
Tags php and mysql
For questions about the PHP file tree, please explain.
PHP scripts that is used to connect to the database need access to the password for
That user. This can is done reasonably securely by putting the login and password in a
File called, for example, dbconnect.php, and then include when needed. This script
Can be carefully stored outside the Web document tree and made accessible
Appropriate user.

I am learning Web programming, read PHP and MySQL Web development, I would like to ask this sentence how to understand.
This script can is carefully stored outside the Web document tree and made accessible only the appropriate user.

Do not put the script under the file tree, then upload to the virtual space, how to access the script?

PHP Tree Web Development


------Solution--------------------
When needed, the full path contains,
Security-related reasons.

------Solution--------------------
Citation:
My understanding is this:

My Web files are all placed under the MyWeb folder, in order to secure the data, I put all the database files under the MySQL folder.
So this myweb is the Web file tree?

But upload the time is not to put this two folders are uploaded, then others have not been able to access my database files

The number of files that are required to run all sites except sensitive files.
This sensitive file includes the user name and password to connect to the database.

MySQL folder is a database level, this can be imported and exported to complete the initialization of data and backup operations, not within the scope of this discussion.
------Solution--------------------
First of all, this sentence is to give the server control of the proposal-put to the site directory, with absolute path to introduce
This is primarily to prevent accidental situations where anonymous visitors can see the PHP source code, such as a sudden problem with PHP parsing, the original PHP file shows
Or forget to add fault tolerance and hide error messages, the PHP file name of the connection database exposes

Virtual space database generally do not allow external access, only local 127.0.0.1 connection, so the password leaked in a short period of time or not to worry about, as soon as possible to change the password on the line

As for hacking, it's not something that can be solved here.
------Solution--------------------
Safety is relative.
Although dbconnect.php this contains the password but also to enter the file system to see
If an intruder is able to enter the file system of a virtual space, what is he not allowed to do? Even if your dbconnect.php is not in the web jurisdiction, you can still see it. What's more, there's a copy in the database?
------Solution--------------------
If your password is assigned to a PHP statement, not a txt or INI, so that the HTTP connection is not visible, only PHP parsing error will be displayed

Because the virtual space is usually limited only to the local database connection, so the outside know that the password is not connected, a short period of time to change the password as soon as possible

Virtual space to do some related things, such as more fault tolerance, one-click Closed Station and so on
  • Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.