Guest Posted February 1, 2007 Share Posted February 1, 2007 Hallo there. I'm a newbe in thinks like oscommerce, and i have configured my webshop without ssl(because of my nice hosting)... My question is, if it is not dangerous to put the loging, servername and password in the /catalog/includes/configure.php? Have i made something wrong? kindly regards :-" Link to comment Share on other sites More sharing options...
param_nirvana Posted February 1, 2007 Share Posted February 1, 2007 Hallo there. I'm a newbe in thinks like oscommerce, and i have configured my webshop without ssl(because of my nice hosting)... My question is, if it is not dangerous to put the loging, servername and password in the /catalog/includes/configure.php? Have i made something wrong? kindly regards :-" Your concern is right. That is the way in OSC. Since this file is not visible on Internet (Well to normal visitors nothing is safefrom hackers ;) ) so you can feel safe. It would be betterif we can have a UNIX like Password storing mechanism... Any taker for it? Link to comment Share on other sites More sharing options...
Guest Posted February 16, 2007 Share Posted February 16, 2007 Your concern is right.That is the way in OSC. Since this file is not visible on Internet (Well to normal visitors nothing is safefrom hackers ;) ) so you can feel safe. It would be betterif we can have a UNIX like Password storing mechanism... Any taker for it? no. i think i didn't know what a taker is. But thank you very much for your answer. bye Link to comment Share on other sites More sharing options...
GemRock Posted February 16, 2007 Share Posted February 16, 2007 ...if it is not dangerous to put the loging, servername and password in the /catalog/includes/configure.php... User name & pw alone, withh the db_server normally being localhost or 127.0.0.1, would not be much useful for nayone who want to connect to your db server: you still need to know the full url to the database server. But if you host tells/requires you to store that full url in the configure.php, then that's unnecessary/stupid/wrong, and you'd ask why or consider changing hosts. Ken commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile). over 20 years of computer programming experience. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.