sagitario Posted July 15, 2006 Share Posted July 15, 2006 Hey, It's possible to put the password of de BD in /includes/configure.php and /admin/includes/configure.php encrypted instead of clear text? :( Thanks Link to comment Share on other sites More sharing options...
deathgod Posted July 15, 2006 Share Posted July 15, 2006 not that i know of....but there is no way a person viewing your website with a browser can view your password....only anyone who has access to the files can view it. For example, you, your host, anyone you work with, anyone who hacks your server can download the original php files and view it in notepad. So dont get stupid and have that password the same as your email password, etc... lol, that makes me stupid:) Menou and unome Link to comment Share on other sites More sharing options...
sagitario Posted July 17, 2006 Author Share Posted July 17, 2006 only anyone who has access to the files can view it. For example, you, your host, anyone you work with, anyone who hacks your server can download the original php files and view it in notepad. That is the problem... php have many exploits and it's easy someone hack the server and read the configure.php file. Then he can access to mysql and delete the database of oscommerc. I don't understand very well php code but I see in other aplication using the password of database encripted. If oscommerc used too, this will improved the security... i think :huh: Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.