Hi Vishal!
hello ppl, i am wondering abut is there any way i can
encrypt my phpmyadmin
config file so that no body can get the username/passwd of the databse. the
thing i want is the config file must be encrypted and decrypt only at
application level ie it must decrypt only on execution (at applicatin level) and
once the session will be finished it must encrypt again.
This would be security by obscurity, if the de/encoding would take place without
an additional password. On top of that, it would slow down the PMA execution an
awful lot.
The wiser thing to do is NOT to store passwords in your config file and instead
use Cookie or HTTP Authentication via SSL. Then nobody can steal your
config.inc.php file and read passwords.
Storing the passwords in the file on servers where untrusted users have access
to is never advisable...
Regards,
Garvin
--
++ Garvin Hicking | Web-Entwickler [PHP] |
www.garv.in | ICQ 21392242
++ Developer of |
www.phpMyAdmin.net |
www.s9y.org
++ Make me happy |
http://wishes.garv.in