A better way to store mysql credentials.

2020-10-02 23:02:27 +08:00 · 2020-10-02 23:02:27 +08:00 · 09e857bbf6
parent 46171fe780
commit 09e857bbf6
5 changed files with 15 additions and 66 deletions
--- a/Header.php
+++ b/Header.php
@ -3,7 +3,8 @@ session_start();
 error_reporting(0);
 date_default_timezone_set('Asia/Shanghai');

-$con = mysqli_connect("localhost","username","password","lrr");
+include "get_mysql_credentials.php";
+$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");

 // Check database connection
 if (mysqli_connect_errno()) {
--- a/Script.php
+++ b/Script.php
@ -12,7 +12,8 @@ session_start();
 date_default_timezone_set('Asia/Shanghai');

 // Connect to MySQL database
-$con = mysqli_connect("localhost","username","password","lrr");
+include "get_mysql_credentials.php";
+$con = mysqli_connect("localhost",  $mysql_username, $mysql_password, "lrr");

 // Check connection
 if (mysqli_connect_errno())
--- a/batch_insert.php
+++ b/batch_insert.php
@ -2,9 +2,12 @@

 // Code contributed by Xu Xiaopeng and his team (https://github.com/lanlab-org/LRR/pull/39/files#diff-b69ba96bf0e469383b373e8c9de257c0)
 //数据库信息
+
+
+include "get_mysql_credentials.php";
 $servername = "localhost";
-$username = "username";
-$password = "password";
+$username = $mysql_username;
+$password = $mysql_password;
 $dbname = "lrr";

 // 创建连接
--- a/get_mysql_credentials.php
+++ b/get_mysql_credentials.php
@ -0,0 +1,5 @@
+<?php
+$csv = array_map('str_getcsv', file('./../../lrr_submission/KeepItSafe.txt'));
+$mysql_username = $csv[0][0];
+$mysql_password = $csv[0][1];
+?>
--- a/test.php
+++ b/test.php
@ -1,61 +0,0 @@
-<?php
-
-
-
-error_reporting(E_ALL);
-ini_set('display_errors', 'on');
-
-
-
-
-
-echo phpversion();
-
-$hashed_password1 = hash('sha512', '123a');
-$hashed_password2 = hash('sha512', '123a');
-echo "Hash1=".$hashed_password1;
-echo "<hr>Hash2=".$hashed_password2;
-
-
-
-
-$con=mysqli_connect("localhost","username","password","lrr");
-// Check connection
-if (mysqli_connect_errno())
-  {
-  echo "Failed to connect to MySQL: " . mysqli_connect_error();
-  }
-else
-{
-echo "Connected ";
-}
-
-mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
-$query  = "SELECT * from users_table;";
-$result = mysqli_query($con, $query);
-
-
-if (mysqli_num_rows($result) > 0) {
-
-    echo "<table>";
-
-    while ($row = mysqli_fetch_assoc($result)) {
-
-$id=$row["User_ID"];
-$pass=$row["Password"];
-$hash_pass=hash('sha512', $pass);
-$inner_query  = "update users_table set HashPassword='$hash_pass' where User_ID=$id;";
-if ($con->query($inner_query) === TRUE) { echo " User # $id updated<br>";  }
-
-        //echo "<tr>";
-        //echo "<td>{$row['Password']}</td><td>{$row['Email']}</td>";
-        //echo "</tr>";
-
-    }
-
-    echo "</table>";
-
-
-}
-
-