malango
/
LRR
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

A better way to store mysql credentials.

Bug460-Malango
Hui Lan 2020-10-02 23:02:27 +08:00
parent 46171fe780
commit 09e857bbf6
5 changed files with 15 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Header.php
View File

@ -3,7 +3,8 @@ session_start();
error_reporting(0); error_reporting(0);
date_default_timezone_set('Asia/Shanghai'); date_default_timezone_set('Asia/Shanghai');
$con = mysqli_connect("localhost","username","password","lrr"); include "get_mysql_credentials.php";
$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");
// Check database connection // Check database connection
if (mysqli_connect_errno()) { if (mysqli_connect_errno()) {

3
Script.php
View File

@ -12,7 +12,8 @@ session_start();
date_default_timezone_set('Asia/Shanghai'); date_default_timezone_set('Asia/Shanghai');
// Connect to MySQL database // Connect to MySQL database
$con = mysqli_connect("localhost","username","password","lrr"); include "get_mysql_credentials.php";
$con = mysqli_connect("localhost", $mysql_username, $mysql_password, "lrr");
// Check connection // Check connection
if (mysqli_connect_errno()) if (mysqli_connect_errno())

7
batch_insert.php
View File

@ -2,9 +2,12 @@
// Code contributed by Xu Xiaopeng and his team (https://github.com/lanlab-org/LRR/pull/39/files#diff-b69ba96bf0e469383b373e8c9de257c0) // Code contributed by Xu Xiaopeng and his team (https://github.com/lanlab-org/LRR/pull/39/files#diff-b69ba96bf0e469383b373e8c9de257c0)
//数据库信息 //数据库信息
include "get_mysql_credentials.php";
$servername = "localhost"; $servername = "localhost";
$username = "username"; $username = $mysql_username;
$password = "password"; $password = $mysql_password;
$dbname = "lrr"; $dbname = "lrr";
// 创建连接 // 创建连接

5
get_mysql_credentials.php Normal file
View File

@ -0,0 +1,5 @@
<?php
$csv = array_map('str_getcsv', file('./../../lrr_submission/KeepItSafe.txt'));
$mysql_username = $csv[0][0];
$mysql_password = $csv[0][1];
?>

61
test.php
View File

@ -1,61 +0,0 @@
<?php
error_reporting(E_ALL);
ini_set('display_errors', 'on');
echo phpversion();
$hashed_password1 = hash('sha512', '123a');
$hashed_password2 = hash('sha512', '123a');
echo "Hash1=".$hashed_password1;
echo "<hr>Hash2=".$hashed_password2;
$con=mysqli_connect("localhost","username","password","lrr");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
else
{
echo "Connected ";
}
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$query = "SELECT * from users_table;";
$result = mysqli_query($con, $query);
if (mysqli_num_rows($result) > 0) {
echo "<table>";
while ($row = mysqli_fetch_assoc($result)) {
$id=$row["User_ID"];
$pass=$row["Password"];
$hash_pass=hash('sha512', $pass);
$inner_query = "update users_table set HashPassword='$hash_pass' where User_ID=$id;";
if ($con->query($inner_query) === TRUE) { echo " User # $id updated<br>"; }
//echo "<tr>";
//echo "<td>{$row['Password']}</td><td>{$row['Email']}</td>";
//echo "</tr>";
}
echo "</table>";
}