A better way to store mysql credentials.

SIMPLICITY_link
Hui Lan 2020-10-02 23:02:27 +08:00
parent 46171fe780
commit 09e857bbf6
5 changed files with 15 additions and 66 deletions

View File

@ -3,7 +3,8 @@ session_start();
error_reporting(0);
date_default_timezone_set('Asia/Shanghai');
$con = mysqli_connect("localhost","username","password","lrr");
include "get_mysql_credentials.php";
$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");
// Check database connection
if (mysqli_connect_errno()) {

View File

@ -12,7 +12,8 @@ session_start();
date_default_timezone_set('Asia/Shanghai');
// Connect to MySQL database
$con = mysqli_connect("localhost","username","password","lrr");
include "get_mysql_credentials.php";
$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");
// Check connection
if (mysqli_connect_errno())

View File

@ -2,9 +2,12 @@
// Code contributed by Xu Xiaopeng and his team (https://github.com/lanlab-org/LRR/pull/39/files#diff-b69ba96bf0e469383b373e8c9de257c0)
//数据库信息
include "get_mysql_credentials.php";
$servername = "localhost";
$username = "username";
$password = "password";
$username = $mysql_username;
$password = $mysql_password;
$dbname = "lrr";
// 创建连接
@ -52,4 +55,4 @@ $result->free();
//中断连接
mysqli_close($conn);
?>
?>

View File

@ -0,0 +1,5 @@
<?php
$csv = array_map('str_getcsv', file('./../../lrr_submission/KeepItSafe.txt'));
$mysql_username = $csv[0][0];
$mysql_password = $csv[0][1];
?>

View File

@ -1,61 +0,0 @@
<?php
error_reporting(E_ALL);
ini_set('display_errors', 'on');
echo phpversion();
$hashed_password1 = hash('sha512', '123a');
$hashed_password2 = hash('sha512', '123a');
echo "Hash1=".$hashed_password1;
echo "<hr>Hash2=".$hashed_password2;
$con=mysqli_connect("localhost","username","password","lrr");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
else
{
echo "Connected ";
}
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$query = "SELECT * from users_table;";
$result = mysqli_query($con, $query);
if (mysqli_num_rows($result) > 0) {
echo "<table>";
while ($row = mysqli_fetch_assoc($result)) {
$id=$row["User_ID"];
$pass=$row["Password"];
$hash_pass=hash('sha512', $pass);
$inner_query = "update users_table set HashPassword='$hash_pass' where User_ID=$id;";
if ($con->query($inner_query) === TRUE) { echo " User # $id updated<br>"; }
//echo "<tr>";
//echo "<td>{$row['Password']}</td><td>{$row['Email']}</td>";
//echo "</tr>";
}
echo "</table>";
}