Will changing the php/mysql database create an insecure connection?How do I quickly rename a MySQL database (change schema name)?What is the best collation to use for MySQL with PHP?How do I connect to a MySQL Database in Python?PHP MySQL database problemError: mysqlnd cannot connect to MySQL 4.1+ using the old insecure authenticationHow to get the sizes of the tables of a MySQL database?PHP 5.4 PDO could not connect to MySQL 4.1+ using the old insecure authenticationHow to Get List Database MySQL with PHP and MYSQLIMysql password expired. Can't connectPHP to another server with the mysql database on it
What are examples of EU policies that are beneficial for one EU country, disadvantagious for another?
Is there a concept of "peer review" in Rabbinical Judaism?
Is the iPhone's eSim for the home or roaming carrier?
Why does the leading tone (G#) go to E rather than A in this example?
Can I enter the UK without my husband if we said we'd travel together in our visa application?
How to stop the death waves in my city?
Designing a time thief proof safe
Why are there two fundamental laws of logic?
What does Sartre mean by "pédéraste" - pederast or homosexual?
Why does this image of Jupiter look so strange?
Why does C++ have 'Undefined Behaviour' and other languages like C# or Java don't?
Character Transformation
Which lens has the same capability of lens mounted in Nikon P1000?
Top off gas with old oil, is that bad?
I transpose the source code, you transpose the input!
Is differentiation as a map discontinuous?
Why is STARTTLS still used?
Practicality of 30 year fixed mortgage at 55 years of age
Is it impolite to ask for an in-flight catalogue with no intention of buying?
Neural Network vs regression
Beyond Futuristic Technology for an Alien Warship?
Why does my browser attempt to download pages from http://clhs.lisp.se instead of viewing them normally?
How can this Stack Exchange site have an animated favicon?
Why isn't there armor to protect from spells in the Potterverse?
Will changing the php/mysql database create an insecure connection?
How do I quickly rename a MySQL database (change schema name)?What is the best collation to use for MySQL with PHP?How do I connect to a MySQL Database in Python?PHP MySQL database problemError: mysqlnd cannot connect to MySQL 4.1+ using the old insecure authenticationHow to get the sizes of the tables of a MySQL database?PHP 5.4 PDO could not connect to MySQL 4.1+ using the old insecure authenticationHow to Get List Database MySQL with PHP and MYSQLIMysql password expired. Can't connectPHP to another server with the mysql database on it
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
Or: "Will changing the php/mysql database in this manner create an insecure connection?"
I am thinking of automating my live/test databases. I am a bit mysql naïve, so I thought I better ask this question here:
What would the ramifications and/or security concerns be in the following php/mysql scenario?
// set up the standard database
// Connection codes:
$host="localhost";
$user="imauser";
$password="imapassword";
$dbname="liveDB";
$cxn = mysqli_connect ($host,$user,$password,$dbname)
or die ("Couldn't connect to the server.");
// check if $testMode is active, and reset $cxn with a new (test) $dbname:
if($testMode == TRUE)
$dbname="testDB"; // test database
// reset the cxn:
$cxn = mysqli_connect ($host,$user,$password,$dbname)
or die ("Couldn't connect to the server.");
This would allow me to toggle $testMode at a higher level in the code. Will the simple overwriting of $cxn work, or will I have an open and active mysqli_connect connection left hanging?
php mysql security database-connection
asked Mar 28 at 18:39
ParapluieParapluie
3771 gold badge4 silver badges14 bronze badges
add a comment
|
Or: "Will changing the php/mysql database in this manner create an insecure connection?"
I am thinking of automating my live/test databases. I am a bit mysql naïve, so I thought I better ask this question here:
What would the ramifications and/or security concerns be in the following php/mysql scenario?
// set up the standard database
// Connection codes:
$host="localhost";
$user="imauser";
$password="imapassword";
$dbname="liveDB";
$cxn = mysqli_connect ($host,$user,$password,$dbname)
or die ("Couldn't connect to the server.");
// check if $testMode is active, and reset $cxn with a new (test) $dbname:
if($testMode == TRUE)
$dbname="testDB"; // test database
// reset the cxn:
$cxn = mysqli_connect ($host,$user,$password,$dbname)
or die ("Couldn't connect to the server.");
This would allow me to toggle $testMode at a higher level in the code. Will the simple overwriting of $cxn work, or will I have an open and active mysqli_connect connection left hanging?
php mysql security database-connection
asked Mar 28 at 18:39
ParapluieParapluie
3771 gold badge4 silver badges14 bronze badges
add a comment
|
Or: "Will changing the php/mysql database in this manner create an insecure connection?"
I am thinking of automating my live/test databases. I am a bit mysql naïve, so I thought I better ask this question here:
What would the ramifications and/or security concerns be in the following php/mysql scenario?
// set up the standard database
// Connection codes:
$host="localhost";
$user="imauser";
$password="imapassword";
$dbname="liveDB";
$cxn = mysqli_connect ($host,$user,$password,$dbname)
or die ("Couldn't connect to the server.");
// check if $testMode is active, and reset $cxn with a new (test) $dbname:
if($testMode == TRUE)
$dbname="testDB"; // test database
// reset the cxn:
$cxn = mysqli_connect ($host,$user,$password,$dbname)
or die ("Couldn't connect to the server.");
This would allow me to toggle $testMode at a higher level in the code. Will the simple overwriting of $cxn work, or will I have an open and active mysqli_connect connection left hanging?
php mysql security database-connection
asked Mar 28 at 18:39
ParapluieParapluie
3771 gold badge4 silver badges14 bronze badges
Or: "Will changing the php/mysql database in this manner create an insecure connection?"
I am thinking of automating my live/test databases. I am a bit mysql naïve, so I thought I better ask this question here:
What would the ramifications and/or security concerns be in the following php/mysql scenario?
// set up the standard database
// Connection codes:
$host="localhost";
$user="imauser";
$password="imapassword";
$dbname="liveDB";
$cxn = mysqli_connect ($host,$user,$password,$dbname)
or die ("Couldn't connect to the server.");
// check if $testMode is active, and reset $cxn with a new (test) $dbname:
if($testMode == TRUE)
$dbname="testDB"; // test database
// reset the cxn:
$cxn = mysqli_connect ($host,$user,$password,$dbname)
or die ("Couldn't connect to the server.");
This would allow me to toggle $testMode at a higher level in the code. Will the simple overwriting of $cxn work, or will I have an open and active mysqli_connect connection left hanging?
php mysql security database-connection
php mysql security database-connection
asked Mar 28 at 18:39
ParapluieParapluie
3771 gold badge4 silver badges14 bronze badges
asked Mar 28 at 18:39
ParapluieParapluie
3771 gold badge4 silver badges14 bronze badges
asked Mar 28 at 18:39
ParapluieParapluie
3771 gold badge4 silver badges14 bronze badges
asked Mar 28 at 18:39
ParapluieParapluie
3771 gold badge4 silver badges14 bronze badges
asked Mar 28 at 18:39
ParapluieParapluie
3771 gold badge4 silver badges14 bronze badges
3771 gold badge4 silver badges14 bronze badges
add a comment
|
add a comment
|
3 Answers
3
active
oldest
votes
I don't see anything that I would consider insecure in your code. However, doing mysqli_connect() twice seems unnecessary.
You could create a simple ternary for this;
// set up the standard database
// Connection codes:
$host = "localhost";
$user = "imauser";
$password = "imapassword";
//use a ternary like this
$dbname = $testMode ? 'testDB' : 'liveDB';
$cxn = mysqli_connect($host, $user, $password, $dbname) or die("Couldn't connect to the server: " . mysqli_connect_errno());
Explanation
The ternary in the code above is equivalent to:
if($testMode == true)
$dbname = 'testDB';
else
$dbname = 'liveDB';
Ternaries can be simply explained like this $variable = CONDITION ? TRUE : FALSE
If you have a Boolean variable (such as $testMode); you can check if it's true or false by checking it directly as a condition.
if($testMode) is equivalent to if($testMode == true).
Other Changes
- I changed your
die()call to actually display the error if it can't
connect. - Changed some formatting to be more easily readable.
answered Mar 28 at 18:45
GrumpyCroutonGrumpyCrouton
4,5624 gold badges18 silver badges49 bronze badges
1
A truly eloquent answer with depth. This is very helpful. Thank you, Grumpy. I had to juggle some code around to make this work; but it does very well. All the best.
– Parapluie
Mar 29 at 0:10
@Parapluie Glad that I could help.
– GrumpyCrouton
Mar 29 at 12:35
add a comment
|
It's better to keep your database credentials separate from your code. Just in case anyone finds a way to read your code, they shouldn't see your database password.
Keep the database credentials in a config file, which your app reads on startup. I'd use parse_ini_file().
Here's an example config file:
[database]
host=localhost
user=imauser
password=imapassword
dbname=liveDB
Here's how you'd read it:
$config = parse_ini_file('config.ini', true);
If I output print_r($config), I see this:
Array
(
[database] => Array
(
[host] => localhost
[user] => imauser
[password] => imapassword
[dbname] => liveDB
)
)
That way you can deploy the same code in both test and production environments, and you only need to replace the config file in the test and production servers.
NOTE: Make sure you don't put your config file under the directory that the web server can serve files from. Your PHP code can read a file from anywhere on your server, so make sure no one can simply open the config file in a browser.
answered Mar 28 at 18:58
Bill KarwinBill Karwin
401k67 gold badges547 silver badges700 bronze badges
1
That's true. I will clarify that in my answer.
– Bill Karwin
Mar 28 at 19:18
Bill, a great idea. I'll likely implement this in some form in the near future. Really though, I don't have separate production servers, just a "sandbox" directory and test database.I can see the advantages here though.
– Parapluie
Mar 29 at 0:07
add a comment
|
I mean there are no security or other issues that would arise from this as long as you remember to change your test mode variable. Though I would do this with a switch statement like so
$devmode = "TEST";
$conn = null;
switch($devmode)
case "TEST"
//conn here
break;
//case dev
default:
//local host con or prod conn
break;
There are better ways to do this though, i'd highly suggest looking at something like doctrine to manage all your SQL for you, in doctrine you can easily swap your connections plus its database type independent.
answered Mar 28 at 18:44
LulceltechLulceltech
1,3574 silver badges15 bronze badges
add a comment
|
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/4.0/"u003ecc by-sa 4.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55404747%2fwill-changing-the-php-mysql-database-create-an-insecure-connection%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
I don't see anything that I would consider insecure in your code. However, doing mysqli_connect() twice seems unnecessary.
You could create a simple ternary for this;
// set up the standard database
// Connection codes:
$host = "localhost";
$user = "imauser";
$password = "imapassword";
//use a ternary like this
$dbname = $testMode ? 'testDB' : 'liveDB';
$cxn = mysqli_connect($host, $user, $password, $dbname) or die("Couldn't connect to the server: " . mysqli_connect_errno());
Explanation
The ternary in the code above is equivalent to:
if($testMode == true)
$dbname = 'testDB';
else
$dbname = 'liveDB';
Ternaries can be simply explained like this $variable = CONDITION ? TRUE : FALSE
If you have a Boolean variable (such as $testMode); you can check if it's true or false by checking it directly as a condition.
if($testMode) is equivalent to if($testMode == true).
Other Changes
- I changed your
die()call to actually display the error if it can't
connect. - Changed some formatting to be more easily readable.
answered Mar 28 at 18:45
GrumpyCroutonGrumpyCrouton
4,5624 gold badges18 silver badges49 bronze badges
1
A truly eloquent answer with depth. This is very helpful. Thank you, Grumpy. I had to juggle some code around to make this work; but it does very well. All the best.
– Parapluie
Mar 29 at 0:10
@Parapluie Glad that I could help.
– GrumpyCrouton
Mar 29 at 12:35
add a comment
|
I don't see anything that I would consider insecure in your code. However, doing mysqli_connect() twice seems unnecessary.
You could create a simple ternary for this;
// set up the standard database
// Connection codes:
$host = "localhost";
$user = "imauser";
$password = "imapassword";
//use a ternary like this
$dbname = $testMode ? 'testDB' : 'liveDB';
$cxn = mysqli_connect($host, $user, $password, $dbname) or die("Couldn't connect to the server: " . mysqli_connect_errno());
Explanation
The ternary in the code above is equivalent to:
if($testMode == true)
$dbname = 'testDB';
else
$dbname = 'liveDB';
Ternaries can be simply explained like this $variable = CONDITION ? TRUE : FALSE
If you have a Boolean variable (such as $testMode); you can check if it's true or false by checking it directly as a condition.
if($testMode) is equivalent to if($testMode == true).
Other Changes
- I changed your
die()call to actually display the error if it can't
connect. - Changed some formatting to be more easily readable.
answered Mar 28 at 18:45
GrumpyCroutonGrumpyCrouton
4,5624 gold badges18 silver badges49 bronze badges
1
A truly eloquent answer with depth. This is very helpful. Thank you, Grumpy. I had to juggle some code around to make this work; but it does very well. All the best.
– Parapluie
Mar 29 at 0:10
@Parapluie Glad that I could help.
– GrumpyCrouton
Mar 29 at 12:35
add a comment
|
I don't see anything that I would consider insecure in your code. However, doing mysqli_connect() twice seems unnecessary.
You could create a simple ternary for this;
// set up the standard database
// Connection codes:
$host = "localhost";
$user = "imauser";
$password = "imapassword";
//use a ternary like this
$dbname = $testMode ? 'testDB' : 'liveDB';
$cxn = mysqli_connect($host, $user, $password, $dbname) or die("Couldn't connect to the server: " . mysqli_connect_errno());
Explanation
The ternary in the code above is equivalent to:
if($testMode == true)
$dbname = 'testDB';
else
$dbname = 'liveDB';
Ternaries can be simply explained like this $variable = CONDITION ? TRUE : FALSE
If you have a Boolean variable (such as $testMode); you can check if it's true or false by checking it directly as a condition.
if($testMode) is equivalent to if($testMode == true).
Other Changes
- I changed your
die()call to actually display the error if it can't
connect. - Changed some formatting to be more easily readable.
answered Mar 28 at 18:45
GrumpyCroutonGrumpyCrouton
4,5624 gold badges18 silver badges49 bronze badges
I don't see anything that I would consider insecure in your code. However, doing mysqli_connect() twice seems unnecessary.
You could create a simple ternary for this;
// set up the standard database
// Connection codes:
$host = "localhost";
$user = "imauser";
$password = "imapassword";
//use a ternary like this
$dbname = $testMode ? 'testDB' : 'liveDB';
$cxn = mysqli_connect($host, $user, $password, $dbname) or die("Couldn't connect to the server: " . mysqli_connect_errno());
Explanation
The ternary in the code above is equivalent to:
if($testMode == true)
$dbname = 'testDB';
else
$dbname = 'liveDB';
Ternaries can be simply explained like this $variable = CONDITION ? TRUE : FALSE
If you have a Boolean variable (such as $testMode); you can check if it's true or false by checking it directly as a condition.
if($testMode) is equivalent to if($testMode == true).
Other Changes
- I changed your
die()call to actually display the error if it can't
connect. - Changed some formatting to be more easily readable.
answered Mar 28 at 18:45
GrumpyCroutonGrumpyCrouton
4,5624 gold badges18 silver badges49 bronze badges
edited Mar 28 at 18:56
answered Mar 28 at 18:45
GrumpyCroutonGrumpyCrouton
4,5624 gold badges18 silver badges49 bronze badges
answered Mar 28 at 18:45
GrumpyCroutonGrumpyCrouton
4,5624 gold badges18 silver badges49 bronze badges
answered Mar 28 at 18:45
GrumpyCroutonGrumpyCrouton
4,5624 gold badges18 silver badges49 bronze badges
4,5624 gold badges18 silver badges49 bronze badges
1
A truly eloquent answer with depth. This is very helpful. Thank you, Grumpy. I had to juggle some code around to make this work; but it does very well. All the best.
– Parapluie
Mar 29 at 0:10
@Parapluie Glad that I could help.
– GrumpyCrouton
Mar 29 at 12:35
add a comment
|
1
A truly eloquent answer with depth. This is very helpful. Thank you, Grumpy. I had to juggle some code around to make this work; but it does very well. All the best.
– Parapluie
Mar 29 at 0:10
@Parapluie Glad that I could help.
– GrumpyCrouton
Mar 29 at 12:35
1
1
A truly eloquent answer with depth. This is very helpful. Thank you, Grumpy. I had to juggle some code around to make this work; but it does very well. All the best.
– Parapluie
Mar 29 at 0:10
A truly eloquent answer with depth. This is very helpful. Thank you, Grumpy. I had to juggle some code around to make this work; but it does very well. All the best.
– Parapluie
Mar 29 at 0:10
@Parapluie Glad that I could help.
– GrumpyCrouton
Mar 29 at 12:35
@Parapluie Glad that I could help.
– GrumpyCrouton
Mar 29 at 12:35
add a comment
|
It's better to keep your database credentials separate from your code. Just in case anyone finds a way to read your code, they shouldn't see your database password.
Keep the database credentials in a config file, which your app reads on startup. I'd use parse_ini_file().
Here's an example config file:
[database]
host=localhost
user=imauser
password=imapassword
dbname=liveDB
Here's how you'd read it:
$config = parse_ini_file('config.ini', true);
If I output print_r($config), I see this:
Array
(
[database] => Array
(
[host] => localhost
[user] => imauser
[password] => imapassword
[dbname] => liveDB
)
)
That way you can deploy the same code in both test and production environments, and you only need to replace the config file in the test and production servers.
NOTE: Make sure you don't put your config file under the directory that the web server can serve files from. Your PHP code can read a file from anywhere on your server, so make sure no one can simply open the config file in a browser.
answered Mar 28 at 18:58
Bill KarwinBill Karwin
401k67 gold badges547 silver badges700 bronze badges
1
That's true. I will clarify that in my answer.
– Bill Karwin
Mar 28 at 19:18
Bill, a great idea. I'll likely implement this in some form in the near future. Really though, I don't have separate production servers, just a "sandbox" directory and test database.I can see the advantages here though.
– Parapluie
Mar 29 at 0:07
add a comment
|
It's better to keep your database credentials separate from your code. Just in case anyone finds a way to read your code, they shouldn't see your database password.
Keep the database credentials in a config file, which your app reads on startup. I'd use parse_ini_file().
Here's an example config file:
[database]
host=localhost
user=imauser
password=imapassword
dbname=liveDB
Here's how you'd read it:
$config = parse_ini_file('config.ini', true);
If I output print_r($config), I see this:
Array
(
[database] => Array
(
[host] => localhost
[user] => imauser
[password] => imapassword
[dbname] => liveDB
)
)
That way you can deploy the same code in both test and production environments, and you only need to replace the config file in the test and production servers.
NOTE: Make sure you don't put your config file under the directory that the web server can serve files from. Your PHP code can read a file from anywhere on your server, so make sure no one can simply open the config file in a browser.
answered Mar 28 at 18:58
Bill KarwinBill Karwin
401k67 gold badges547 silver badges700 bronze badges
1
That's true. I will clarify that in my answer.
– Bill Karwin
Mar 28 at 19:18
Bill, a great idea. I'll likely implement this in some form in the near future. Really though, I don't have separate production servers, just a "sandbox" directory and test database.I can see the advantages here though.
– Parapluie
Mar 29 at 0:07
add a comment
|
It's better to keep your database credentials separate from your code. Just in case anyone finds a way to read your code, they shouldn't see your database password.
Keep the database credentials in a config file, which your app reads on startup. I'd use parse_ini_file().
Here's an example config file:
[database]
host=localhost
user=imauser
password=imapassword
dbname=liveDB
Here's how you'd read it:
$config = parse_ini_file('config.ini', true);
If I output print_r($config), I see this:
Array
(
[database] => Array
(
[host] => localhost
[user] => imauser
[password] => imapassword
[dbname] => liveDB
)
)
That way you can deploy the same code in both test and production environments, and you only need to replace the config file in the test and production servers.
NOTE: Make sure you don't put your config file under the directory that the web server can serve files from. Your PHP code can read a file from anywhere on your server, so make sure no one can simply open the config file in a browser.
answered Mar 28 at 18:58
Bill KarwinBill Karwin
401k67 gold badges547 silver badges700 bronze badges
It's better to keep your database credentials separate from your code. Just in case anyone finds a way to read your code, they shouldn't see your database password.
Keep the database credentials in a config file, which your app reads on startup. I'd use parse_ini_file().
Here's an example config file:
[database]
host=localhost
user=imauser
password=imapassword
dbname=liveDB
Here's how you'd read it:
$config = parse_ini_file('config.ini', true);
If I output print_r($config), I see this:
Array
(
[database] => Array
(
[host] => localhost
[user] => imauser
[password] => imapassword
[dbname] => liveDB
)
)
That way you can deploy the same code in both test and production environments, and you only need to replace the config file in the test and production servers.
NOTE: Make sure you don't put your config file under the directory that the web server can serve files from. Your PHP code can read a file from anywhere on your server, so make sure no one can simply open the config file in a browser.
answered Mar 28 at 18:58
Bill KarwinBill Karwin
401k67 gold badges547 silver badges700 bronze badges
edited Mar 28 at 19:20
answered Mar 28 at 18:58
Bill KarwinBill Karwin
401k67 gold badges547 silver badges700 bronze badges
answered Mar 28 at 18:58
Bill KarwinBill Karwin
401k67 gold badges547 silver badges700 bronze badges
answered Mar 28 at 18:58
Bill KarwinBill Karwin
401k67 gold badges547 silver badges700 bronze badges
401k67 gold badges547 silver badges700 bronze badges
1
That's true. I will clarify that in my answer.
– Bill Karwin
Mar 28 at 19:18
Bill, a great idea. I'll likely implement this in some form in the near future. Really though, I don't have separate production servers, just a "sandbox" directory and test database.I can see the advantages here though.
– Parapluie
Mar 29 at 0:07
add a comment
|
1
That's true. I will clarify that in my answer.
– Bill Karwin
Mar 28 at 19:18
Bill, a great idea. I'll likely implement this in some form in the near future. Really though, I don't have separate production servers, just a "sandbox" directory and test database.I can see the advantages here though.
– Parapluie
Mar 29 at 0:07
1
1
That's true. I will clarify that in my answer.
– Bill Karwin
Mar 28 at 19:18
That's true. I will clarify that in my answer.
– Bill Karwin
Mar 28 at 19:18
Bill, a great idea. I'll likely implement this in some form in the near future. Really though, I don't have separate production servers, just a "sandbox" directory and test database.I can see the advantages here though.
– Parapluie
Mar 29 at 0:07
Bill, a great idea. I'll likely implement this in some form in the near future. Really though, I don't have separate production servers, just a "sandbox" directory and test database.I can see the advantages here though.
– Parapluie
Mar 29 at 0:07
add a comment
|
I mean there are no security or other issues that would arise from this as long as you remember to change your test mode variable. Though I would do this with a switch statement like so
$devmode = "TEST";
$conn = null;
switch($devmode)
case "TEST"
//conn here
break;
//case dev
default:
//local host con or prod conn
break;
There are better ways to do this though, i'd highly suggest looking at something like doctrine to manage all your SQL for you, in doctrine you can easily swap your connections plus its database type independent.
answered Mar 28 at 18:44
LulceltechLulceltech
1,3574 silver badges15 bronze badges
add a comment
|
I mean there are no security or other issues that would arise from this as long as you remember to change your test mode variable. Though I would do this with a switch statement like so
$devmode = "TEST";
$conn = null;
switch($devmode)
case "TEST"
//conn here
break;
//case dev
default:
//local host con or prod conn
break;
There are better ways to do this though, i'd highly suggest looking at something like doctrine to manage all your SQL for you, in doctrine you can easily swap your connections plus its database type independent.
answered Mar 28 at 18:44
LulceltechLulceltech
1,3574 silver badges15 bronze badges
add a comment
|
I mean there are no security or other issues that would arise from this as long as you remember to change your test mode variable. Though I would do this with a switch statement like so
$devmode = "TEST";
$conn = null;
switch($devmode)
case "TEST"
//conn here
break;
//case dev
default:
//local host con or prod conn
break;
There are better ways to do this though, i'd highly suggest looking at something like doctrine to manage all your SQL for you, in doctrine you can easily swap your connections plus its database type independent.
answered Mar 28 at 18:44
LulceltechLulceltech
1,3574 silver badges15 bronze badges
I mean there are no security or other issues that would arise from this as long as you remember to change your test mode variable. Though I would do this with a switch statement like so
$devmode = "TEST";
$conn = null;
switch($devmode)
case "TEST"
//conn here
break;
//case dev
default:
//local host con or prod conn
break;
There are better ways to do this though, i'd highly suggest looking at something like doctrine to manage all your SQL for you, in doctrine you can easily swap your connections plus its database type independent.
answered Mar 28 at 18:44
LulceltechLulceltech
1,3574 silver badges15 bronze badges
answered Mar 28 at 18:44
LulceltechLulceltech
1,3574 silver badges15 bronze badges
answered Mar 28 at 18:44
LulceltechLulceltech
1,3574 silver badges15 bronze badges
answered Mar 28 at 18:44
LulceltechLulceltech
1,3574 silver badges15 bronze badges
1,3574 silver badges15 bronze badges
add a comment
|
add a comment
|
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55404747%2fwill-changing-the-php-mysql-database-create-an-insecure-connection%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
