All geek questions in one place

Where should the credentials for mysql be set?

Login to mysql database requires credentials. I have these credentials in a PHP class called class.DBOne.php.

This is in the git repository on the server. I use push to deploy.

I want to share the repo with some contract developers, but I don't want them to have access to credentials.

How to soften this?

Are credentials what they should be?

Here is a snippet:

<?php

// creates one instance of a database
class DBOne
{
    private $DB_USER =              'foo';
    private $DB_PASS =              'foo';
    private $DB_DRIVER =            'mysql:dbname=foo;host=localhost';

    // singleton uses static variable to ensure only 1 instance at a time
    private static $database;

    private function __construct()
    {
        $this->checkForClearDB();
        // self::checkForClearPostgres();
        try
        {
            // instaniate a database connection
            self::$database = new PDO( $this->DB_DRIVER, $this->DB_USER, $this->DB_PASS );
        } 
        catch( PDOException $pdoError )
        {
            echo 'pdo connection failed: ' . $pdoError->getMessage();
        }
    }
+4
source share
4 answers

Move the credentials to a separate file, and keep the content as simple as possible, essentially just assigning variables, for example:

<?php    
$DB_USER =              'foo';
$DB_PASS =              'foo';
$DB_DRIVER =            'mysql:dbname=foo;host=localhost';
?>

. , .

, , global, :

global $DB_USER, $DB_PASS, $DB_DRIVER;
+2

https://github.com/vlucas/phpdotenv

.env getenv(), $_ENV $_SERVER.

+2

/ - .

, mysql , , , .

+1

Check out the blackbox . Uses top-level gpg encryption to securely store credentials that only certain users can access (or create slaves).

+1
source

Source: https://habr.com/ru/post/1613904/

More articles:


All Articles