FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Local vs. hosted connection
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Local vs. hosted connection [message #176975 is a reply to message #176973] Sat, 11 February 2012 19:46 Go to previous messageGo to previous message
Jerry Stuckle is currently offline  Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
Senior Member
On 2/11/2012 12:17 PM, Aulë wrote:
> Greetings, fine denizens. I've made significant progress in my project
> since my first post here some time ago, and I have a question related to
> a chunk of code I developed to simplify connection to my database.
> Locally, I need one set of parameters, but after uploading the pages to
> my web host, I need a different set of connection parameters. Initially,
> I simply edited the file after uploading it, but that got tiresome
> quickly, so I came up with the following, which sends the correct
> parameters based on the SERVER_NAME value:
>
> <?php
>
> // Define application constants.
> define('HOSTED', ($_SERVER['SERVER_NAME']=='localhost') ? false : true);
>
> // Open the database.
> $db = open_db(HOSTED);
> if ($db) {
> // Do stuff
> }
>
> function open_db($hosted = false) {
>
> // Define connection values.
> if ($hosted) {
> $host = (string) [url=mywebhost.com]mywebhost.com[/url];
> $user = (string) [url=mywebhost_username]mywebhost_username[/url];
> $pass = (string) [url=mywebhost_password]mywebhost_password[/url];
> $data = (string) [url=mywebhost_mysql_database]mywebhost_mysql_database[/url];
> $port = (int) [url=mywebhost_port]mywebhost_port[/url];
> } else {
> $host = "localhost";
> $user = (string) [url=localhost_usename]localhost_usename[/url];
> $pass = (string) [url=localhost_password]localhost_password[/url];
> $data = (string) [url=localhost_mysql_database]localhost_mysql_database[/url];
> $port = (int) [url=localhost_port]localhost_port[/url];
> }
>
> // Execute connection string.
> $db = mysqli_connect($host, $user, $pass, $data, $port);
>
> // Stop script if connection fails.
> if (mysqli_connect_errno()) {
> printf("Connection failed: %s\n", mysqli_connect_error());
> exit();
> } else {
> return($db);
> }
>
> }
> ?>
>
> The cast double brackets are simply placeholders I put here in this post
> to indicated where I have coded my actual parameters in the indicated
> type. (I left "localhost" as it is.)
>
> My question is this: is all this secure on the Web, or is there a way
> for someone to remotely acquire such stored connection parameters?

If it's outside the DOCUMENT_ROOT so no one can download it, it's
secure. Otherwise a server misconfiguration can expose you errors.

Why not just include a configuration file on both systems, each with the
appropriate settings? Much cleaner and less error prone.

BTW - unless you are the domain owner for mywebhost.com, you should not
be using their name. Instead, use example.com, example.org, etc., which
have been specifically reserved for such uses.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Stats comp.lang.php (last 7 days)
Next Topic: Space mistery
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Tue Nov 26 03:43:09 GMT 2024

Total time taken to generate the page: 0.04882 seconds