password are litterally on the page?

A

Anonymous

Guest
hi experts!

i'm a newbie trying to develop an forum.... anyway, it appears that on any page that i need to access the mySQL database, i have litterally put down the password and username of on the php page. in order to make the query to the database, is it the common way that the professional webpage does? i mean, who ever crack the host provider, they can get the password and username and do nasty thing to it. or the admin of the host provider can access your database and God knows what they do about it... is there any other way to block or at least hide the username and password to everyone else except the owner?

thanks
 
First, bear in mind that no system will ever be 100% secure. It's just not possible. This is the golden rule of network security.

Now, if you're talking about your MySQL password (e.g. the one you use in your mysql_connect() function), then yeah, essentially it has to be in plaintext in a PHP file somewhere. Usually people put their mysql_connect() function in a file like db.inc.php (don't do just db.inc, because the server will probably just pass this straight to the browser without parsing it if a nefarious user manages to guess the filename). Next, you should probably change the permissions so that only the owner and PHP can read or write it. But if PHP parses it (that is, if it's between <?php ?> tags and you don't echo it), it will never reach the user through normal means. But, as you say, if your host is cracked and cracked well, you've no protection. This is a fact of life and there's little you can do about it. Well, that's not quite true, but as you refer to yourself as a newbie, I won't get into the finer points just yet.

Now, if you're keeping a user database such as many sites (like this one) have, never ever store unencrypted user passwords in the database. Ever. Always encrypt passwords using MySQL's PASSWORD() function. When you use this method (or a similar un-decryptable format like md4 or crc32), the password can never be read or even decrypted by anyone, not even you or your sysadmin. This is good for your users, so it's good for you. When a user logs in, you have to encrypt the password they enter and see if the encrypted version matches the encrypted password in the database.

Lastly, this part of your post concerns me a bit:

DigitalRice said:
or the admin of the host provider can access your database and God knows what they do about it...
Click to expand...

I'm going to make this as clear as possible: If you don't trust your admin or hosting provider, find a different provider. I cannot stress this enough. If you anticipate handling any even moderately sensitive data on behalf of your users, you cannot take this lightly. If you do not have 100% trust in your provider, then they're not the right provider for you.

I sincerely recommend that you go Google as many PHP security and PHP/MySQL security articles as you can find and read them thoroughly if you're truly worried about security in your scripts.
 
thanks swirlee, that's really helpful. i guess that everyone has to learn to trust people sometime then, at least the host provider... anyway, you saying that when a user register for a username and password, like this register this forum, i should use the password that the user provide and use the mysql PASSWORD() to encrypt it and save it to the database, and when the user login into the website and provide username and password, now i have to encrypted the password that the user just provide and match it with the registered password to see if it match and so on to let the user login....

assume that i encrypted the password each time the user login, then register it to some session(), is it possible to decrypted if it got into the intruder hand? i mean the worse case scenario?

i really love the security hole and privacy, hope to learn from you and other people out there

thanks
 
Just remember, you hosting company can easily do anything they want with anything of your data, them being able to read the password is the last of your worries.

It would not be decryptable, encryption uses a key to turn a string encrypted.

For example, the password "mega" would use say, the number of characters to encrypt the passowrd, or the second characters ASCII representation.

You should not be registering the password to the session anyway, just something like a boolean with "logged in" or their user id.
 
DigitalRice said:
anyway, you saying that when a user register for a username and password, like this register this forum, i should use the password that the user provide and use the mysql PASSWORD() to encrypt it and save it to the database, and when the user login into the website and provide username and password, now i have to encrypted the password that the user just provide and match it with the registered password to see if it match and so on to let the user login....
Click to expand...

Yes, this is correct. Also, Joel is correct on both counts. Generally you don't want to store any representation of the password in a cookie. If you're creating a user login system, you should just use PHP's built-in sessions anyway instead of handling the cookies manually.
 
You must log in or register to reply here.
Back
Top