: Whats the use of mysql.safe_mode in php.ini file? I've seen some website on security recommend to enable mysql.safe_mode in php.ini # Enable SQL safe mode sql.safe_mode = On When I searched hard
I've seen some website on security recommend to enable mysql.safe_mode in php.ini
# Enable SQL safe mode
sql.safe_mode = On
When I searched hard to find info on this, I found this:
If the SQL Safe Mode option is enabled the MySQL and Ingres extensions
will ignore the supplied host, user and password information and will
use only the default ones.
By the sound of that, it really sounds like an unsafe mode than safe mode. Doesnt it mean, even if the application (say Joomla) supplies a mysql user with lesser previleges, enabling this will make mysql use the default root user for it? Have I misunderstood what it does? What is the benefit of enabling sql.safe_mode in php?
More posts by @Annie201
1 Comments
Sorted by latest first Latest Oldest Best
To use safe_mode, set your database host, username and password in php.ini using the configuration parameters:
sql.safe_mode = On
mysqli.default_host = "127.0.0.1"
mysqli.default_port = "3306"
mysqli.default_user = "root"
mysqli.default_pw = "Password123"
By having it configured there you will not need it in your PHP scripts - enabling you to update your MySQL password from one place while also making your source code safe from including a password so that you don't have to keep manually removing the password prior to committing to source code version control repositories etc.
In your PHP scripts then instead of using:
<?php
$oDB = new mysqli( "127.0.0.1", "root", "Pass123", "database_name", "3306" );
You might use:
<?php
$oDB = new mysqli();
$oDB->select_db( "database_name" );
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.