bloodless2010 Posted December 7, 2012 Share Posted December 7, 2012 Hey there. I have a question about the MySQL.php file, Isn't it possible someone can include the file from your website (In this case the mysql.php) and then use it to connect to your database? Is it possible to stop this? I.e hotlink protection maybe? Thanks. Quote Link to comment Share on other sites More sharing options...
SHAD Posted December 7, 2012 Share Posted December 7, 2012 From the top of my head,maybe you could have some-sort of identification- code which will need to be verified before the file is allowed to be executed? Quote Link to comment Share on other sites More sharing options...
bloodless2010 Posted December 7, 2012 Author Share Posted December 7, 2012 Yeah, I was thinking of that, but I don't want to edit ALL of my files, I don't fancy that ATM, Is it possible to check the URL that it's running at and die / continue from there, i.e if the URL is my domain then it can run, else die. Quote Link to comment Share on other sites More sharing options...
lucky3809 Posted December 8, 2012 Share Posted December 8, 2012 (edited) Relocate it out of the public root then set and change the permission to the file. You will also need to change any page that includes that file, by adding the correct path to it. Edited December 8, 2012 by lucky3809 Quote Link to comment Share on other sites More sharing options...
KyleMassacre Posted December 8, 2012 Share Posted December 8, 2012 What about using define() Quote Link to comment Share on other sites More sharing options...
rockwood Posted May 28, 2013 Share Posted May 28, 2013 MySql is totally unsafe so use mysqli or PDO Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.