Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    Senior Coder
    Join Date
    Jun 2008
    Location
    Cornwall
    Posts
    2,097
    Thanks
    297
    Thanked 12 Times in 12 Posts

    Is it safe to put database info in my page header?

    Hi All,

    i have this code in my header
    PHP Code:
    if( isset($_POST['submit'])) {
       if( 
    $_SESSION['security_code'] == $_POST['security_code'] && !empty($_SESSION['security_code'] ) ) {
            
    // Insert you code for processing the form here, e.g emailing the submission, entering it into a database.
            
    $sql_temp=
            UPDATE ratings SET used_ips = 'NULL',total_value = '0',total_votes = '0' WHERE id = 'valuetemp';
            UPDATE ratings SET used_ips = 'NULL',total_value = '0',total_votes = '0' WHERE id = 'easeofusetemp';
            UPDATE ratings SET used_ips = 'NULL',total_value = '0',total_votes = '0' WHERE id = 'deliverytemp';
            UPDATE ratings SET used_ips = 'NULL',total_value = '0',total_votes = '0' WHERE id = 'delchargetemp';"
    ;
            
    $query_temp mysql_query($sql_temp);        
            
            echo 
    'Your vote has been counted! Thank you for voting';
            unset(
    $_SESSION['security_code']);
       } else {
            
    // Insert your code for showing an error message here
            
    echo 'Sorry, you have provided an invalid security code';
       }

    but when i submit my form the above queries dont run and produce an error because it cant connect to the database, so my question is can i put

    PHP Code:
    $user_name "*******";
        
    $password "***********";
        
    $database "**********";
        
    $server "************";

           
    $db_handle mysql_connect($server$user_name$password);
        
    $db_found mysql_select_db($database$db_handle);

    if (
    $db_found) { 
    in the header?, or can i move the first piece of codeinto the body?

    here is my page

    any help welcomed

    cheers
    Luke

  • #2
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts
    Your DB connection should either be in an include file, or at the very top of your page after <?php or after session_start. As long as it's a php file they can't read the source and get your info.

  • #3
    Senior Coder
    Join Date
    Jun 2008
    Location
    Cornwall
    Posts
    2,097
    Thanks
    297
    Thanked 12 Times in 12 Posts
    Hi masterofollies,

    thanks for the confirmation, just wanted to be sure

    cheers
    Luke

  • #4
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts
    Welcome


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •