Please Tell Me If This Is Secure.

         

gemini18

2:17 pm on Nov 8, 2008 (gmt 0)

10+ Year Member



Hi, I'll describe this in basic terms. If you need more details to understand the question, please ask:

* simple_admin.php = A simple utility to help develop multiple sites and / or projects.
* db_data.php sits outside of the public_html path and cannot be viewed or directly accessed by any browser-based hacker.

1) simple_admin.php is an experiment to help easily make changes in several databases at once, using basic to medium-level PHP.
2) db_data.php is included in simple_admin.php
3) Also note:
[php]<?php
rename("simple_admin.php", "simple_admin.txt");
?>[/php]

Every time the admin uses simple_admin.php it is automatically renamed to .txt, so hackers have no chance of running the file themselves.

Quick Summary:
> The Database login info is outside of the public_html path
> The "main file" is automatically renamed to .txt every time.

Please tell me, is there anything about this set-up which is not 'reasonably' secure?

Thank you.

Edit: Oops... Of course, simple_admin.php can also be in a password-protected area.
Now, can I think "it" is safe and secure?

Anyango

7:02 pm on Nov 8, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member




[quote]Every time the admin uses simple_admin.php it is automatically renamed to .txt, so hackers have no chance of running the file themselves.[/quote]

OK, they can't run it, but you are enabling all the code in there to be seen by them; they can see everything that is in there, and can see your MySQL password if that was in there.

I would never let a code file be viewed as text.
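
An audit for the exposure discussed above, as an added example that is not part of the original thread: it walks a document root and lists files that contain PHP code but carry an extension the server would not execute, so their source would be sent to the browser as plain text. The set of handled extensions, the function names and the sample tree are assumptions constructed for illustration.

```python
import os
import tempfile

# Assumption: only these extensions are mapped to the PHP handler on this server.
PHP_HANDLED = {".php", ".phtml"}
PHP_OPEN_TAGS = (b"<?php", b"<?=")


def find_exposed_php_source(docroot, handled=PHP_HANDLED):
    """Return docroot-relative paths of files that hold PHP code but would be
    served verbatim because their extension is not executed as PHP."""
    exposed = []
    for dirpath, _dirs, files in os.walk(docroot):
        for name in files:
            if os.path.splitext(name)[1].lower() in handled:
                continue  # executed by PHP, source is not sent to the client
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    head = fh.read(65536)  # an opening tag near the top is enough
            except OSError:
                continue  # unreadable file: nothing to report
            if any(tag in head for tag in PHP_OPEN_TAGS):
                exposed.append(os.path.relpath(path, docroot))
    return sorted(exposed)


def demo():
    """Build a constructed tree mirroring the thread's layout and audit it."""
    samples = {
        "db_data.php": "<?php $db_pass = 'placeholder'; ?>",  # outside docroot
        "public_html/index.php": "<?php echo 'home'; ?>",
        "public_html/readme.txt": "plain notes, no code",
        "public_html/simple_admin.txt": "<?php include '../db_data.php'; ?>",
    }
    with tempfile.TemporaryDirectory() as site:
        os.mkdir(os.path.join(site, "public_html"))
        for rel, body in samples.items():
            with open(os.path.join(site, *rel.split("/")), "w") as fh:
                fh.write(body)
        return find_exposed_php_source(os.path.join(site, "public_html"))


if __name__ == "__main__":
    for rel in demo():
        print("PHP source served as text:", rel)
```

The include file outside public_html is never reported because it is not under the scanned root; the renamed admin file is.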

gemini18

7:08 pm on Nov 8, 2008 (gmt 0)

10+ Year Member



The db info is:

"The Database login info is outside of the public_html path"

Can they view an include file outside of the public_html path?

Thanks

Anyango

6:18 am on Nov 9, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Yeah, you are right, they can't, but I would not even want to let someone see one single line of code, even when it contained no password.

Is your simple_admin.php password protected? I would protect it or protect the whole directory via Apache and not worry about renaming.

StoutFiles

6:37 am on Nov 9, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Renaming the .php to a .txt makes it less secure. But the users of your site should never see what .php file is being called to use passwords anyway...not to mention they can't see php code. It's secure as it is.