Sign Up

Add MySql connection to a Configuration file

I wrote a php class which connects to a MySql DB, and then does an INSERT. I have done this, and it works. Now, i want to add the connection part of the code to a configuration file, where i could call it from here. How could i do this in PHP ?

what have you tried? also new code should not use the mysql_* functions you should learn and use PDO or mysqli.

@Tynarus I mean, to add the connection string in 1 file, and then access it where ever i want from another PHP file. (Something like a configuration file)

Use require_once to retrieve the configuration file? It will automatically run anything inside of the file you’re fetching. php.net/manual/en/function.require-once.php

Provided the configuration file is another PHP file, I should say. Apologies. HTML files work too, but then it would just display the HTML inside the file.

4 Answers 4

connect to a mysql database by using ph is very simple. you write the code in a ok way, although it is better to use MySQLi or PDO not MySQL function, because they may have some sql injection or other security problems. give your file a name like config.php and add it to whenever you want to use mysql connection. use require_once or include functions of php to use this.

yes. you must do that.however it is not necessary, it is just because standard programmers are advised not to use mysql function.this is just for security reasons, although it works ok.

also you can use a if else condition in your config file. you can set in it , what server you are working on. if you working on localhost,then you can make a connection fir this ,else if you are on a live server then make another connection for this. then your one config file works fine on both station and you will not need to edit it. if you find me helpful, please vote me:)

I don’t understand exactly but por put this parameters in a configuration file you do this Configuration File

$config['hostname'] = 'yourserver'; $config['user'] = 'youruser'; $config['password'] = 'password'; 

and then call this in your class connection

mysql_connect($config['hostname'],$config['user'],$config['password']); 

or more easy build a construct with the parameters of conexion, and look as this

function __construct($host,$user,$password,$database)

a guide detail of advantages and disadvantages of pdo and mysqli [link]net.tutsplus.com/tutorials/php/… but PDO id a library general when you unknow the database server that use and mysqli is specific for mysql

As from a notice from PHP they wont be officially deprecating the mysql_* extension till at least PHP 5.5/6.0 so you have some time to rewrite your script before those function are completely gone or E_DEPRECATED errors start appearing. http://news.php.net/php.internals/53799

So use PDO or mysqli for new scripts:

Connect with PDO

setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $con->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); $con->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE,PDO::FETCH_ASSOC); >catch (Exception $e)< die('Cannot connect to database. Details:'.$e->getMessage()); > ?> 

Right now, if the above code is in your config file then you can use include(‘config.php’) and then $con will contain your connection object.

As $con is not global scope you would need to pass it to your class via the construct.

db = $con; > function someMethod($valueA,$valueB)< $sql = "INSERT INTO TABLE ( colA, colB )VALUES( :colA, :colB )"; $query = $this->db->prepare($sql); $query->bindParam(":colA", $valueA); $query->bindParam(":colB", $valueB); $query->execute(); > > $aClass = new yourclass($con); $aClass->someMethod('someValueforA','someValueforB'); ?> 

Источник

Tutorial to create a login system using HTML, PHP, and MySQL

This is a tutorial for creating a login system with the help of HTML, PHP, and MySQL. Your website needs to be dynamic and your visitors need to have instant access to it. Therefore, they want to log in as many times as possible. The login authentication system is very common for any web application. It allows registered users to access the website and members-only features. It is also helpful when we want to store information for users. It covers everything from shopping sites, educational sites, and membership sites, etc.

This tutorial is covered in 4 parts.

Table of Contents

1) Building a Signup system

In this part, We will create a signup system that allows users to create a new account to the system. Our first step is to create a HTML registration form. The form is pretty simple to create. It only asks for a name, email, password, and confirm password. Email addresses will be unique for every user. Multiple accounts for the same email address are not allowed. It will show an error message to the users who try to create multiple accounts with the same email address.

Step 1: Creating Registration Form in HTML

We will create a PHP file named register.php with the following code in it. This is a simple HTML form with some basic validation. If you are not familiar with HTML then you can get it from many online sites who give ready-made html5 login form templates.

       
 
 
Register
 
Please fill this form to create an account.
 
 
Full Name 
Email Address 
 
Password 
Confirm Password 
Already have an account? Login here.
  
 
 
  

The output of the above HTML form will look like this.

All the input fields are required by adding the «required» attribute which is the default HTML attribute. The use of type=»email» will validate the email address provided by users and gives an error if the email address is not valid. For the registration form, we have used bootstrap for rapid development. If you want to save your time on HTML code you can always use some free html5 templates for your project.

Step 2: Creating the MySQL Database Table

You will need to create a new database with any suitable name you want. After that please execute the below SQL query to create the user’s table inside your newly created MySQL database.

CREATE TABLE `users` ( `id` int(11) unsigned NOT NULL AUTO_INCREMENT, `name` varchar(75) NOT NULL, `password` varchar(255) NOT NULL, `email` varchar(100) NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `email` (`email`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=1;

Step 3: Creating Database Configuration File

Now, we have created the users table. Let’s create a new PHP file named config.php to connect with the MySQL database. Paste the following code in the config.php file and change the database name to whatever you choose while creating the database.

Step 4: Creating a Session File

Let’s create a file named session.php. In this file, we will start the session and check if a user is already logged in, if yes then we will redirect the user to welcome.php file.

Step 5: Create Registration Form in PHP

Finally, it’s time to create a PHP code that allows users to register their accounts into the system. This PHP code will alert users with an error if any user is already registered with the same email address.

Replace the following code in the register.php file.

prepare("SELECT * FROM users WHERE email = ?")) < $error = ''; // Bind parameters (s = string, i = int, b = blob, etc), in our case the username is a string so we use "s" $query->bind_param('s', $email); $query->execute(); // Store the result so we can check if the account exists in the database. $query->store_result(); if ($query->num_rows > 0) < $error .= '
The email address is already registered!
'; > else < // Validate password if (strlen($password ) < 6) < $error .= '
Password must have atleast 6 characters.
'; > // Validate confirm password if (empty($confirm_password)) < $error .= '
Please enter confirm password.
'; > else < if (empty($error) && ($password != $confirm_password)) < $error .= '
Password did not match.
'; > > if (empty($error) ) < $insertQuery = $db->prepare("INSERT INTO users (name, email, password) VALUES (?, ?, ?);"); $insertQuery->bind_param("sss", $fullname, $email, $password_hash); $result = $insertQuery->execute(); if ($result) < $error .= '
Your registration was successful!
'; > else < $error .= '
Something went wrong!
'; > > > > $query->close(); $insertQuery->close(); // Close DB connection mysqli_close($db); > ?>       
 
 
Register
 
Please fill this form to create an account.
   
 
Full Name 
Email Address 
 
Password 
Confirm Password 
Already have an account? Login here.
  
 
 
   

Once user click on submit button it will check if $_SERVER[«REQUEST_METHOD»] == «POST» and $_POST[‘submit’] variable has been set. For security concerns, we always suggest not to store the password as plain text in the database. We have used password_hash() function which creates a new password hash using a strong one-way hashing algorithm.

The above PHP script will validate that no user is registered with the same email address and also validate password. After validation is confirmed we store the user-provided information in the users’ table and alert the user that registration was successful.

2) Building a Login System

In this part, we will create a login form to allow users to access the restricted area of the system. In our case, the restricted area is a welcome page which we will cover in the next part.

Step 1: Creating a Login Form in HTML

Below is the Login Form in HTML. Paste it in a file named login.php

       
 
 
Login
 
Please fill in your email and password.
 
 
Email Address 
 
Password 
Don't have an account? Register here.
  
 
 
  

The output of the above code will look like this

Step 2: Creating a Login System in PHP

After creating the login form in HTML, we will write a code to validate login credentials. On form submit we will check that the email and password are filled. If they filled then we will execute a SELECT query to find the record in a database on the basis of email and password. If any record found, then we will store the «userID» in session and the user is redirected to the welcome.php file, otherwise, the user is alerted with an error message.

Let’s replace the following code in the login.php file.

Please enter email.
'; > // validate if password is empty if (empty($password)) < $error .= '
Please enter your password.
'; > if (empty($error)) < if($query = $db->prepare("SELECT * FROM users WHERE email = ?")) < $query->bind_param('s', $email); $query->execute(); $row = $query->fetch(); if ($row) < if (password_verify($password, $row['password'])) < $_SESSION["userid"] = $row['id']; $_SESSION["user"] = $row; // Redirect the user to welcome page header("location: welcome.php"); exit; >else < $error .= '
The password is not valid.
'; > > else < $error .= '
No User exist with that email address.
'; > > $query->close(); > // Close connection mysqli_close($db); > ?>       
 
 
Login
 
Please fill in your email and password.
  
 
Email Address 
 
Password 
Don't have an account? Register here.
  
 
 
   

3) Creating a Welcome Page

Below is the code for the welcome.php file. Users will be redirected to this page after a successful login process. We have added some code at the top of the page to check if the user is not logged in, then redirect the user to the login page.

Let’s create a welcome.php file and paste the following code in it.

 ?>    Welcome   
 
 
Hello, . Welcome to demo site.
 
 
Log Out 
 
 
  

4) The Logout script

Finally, Let’s create a logout.php file with the following code in it.

Once the user clicks on the Log Out link, the above script, will be called to destroy the session and redirect user to the login.php file.

Conclusion

In this tutorial, I explained how you can create a Login System using HTML, PHP and MySQL. Once you understand how simple it is to create a login system you can add other features like reset password, forgot password, verify email address, edit user’s profile, etc.

Источник

Where to put database connection settings?

Where do you put the connection settings for a database connection (things like host, dbname, user, password)? Is it placed in the database class or file, or outside in a config file, or somewhere else?

It depends on your implementation. You can put to a settings file so you can customize whenever you want. or if you love OOP then you can use class also.. but probably used settings file.

I usually put it in a file outside of web root, and then include it into whatever application I need it in. This makes it a bit more secure from being accidentally exposed to the web, and allows multiples applications to use the same settings where changing that one file will keep all apps db settings up to date.

4 Answers 4

Ideally, you should place it in a config file, which can be something as simple as a PHP array.

$db_config = array( 'host' => 'localhost', 'user' => 'username', 'password' => 'qwerty' ); 

You should then place this file outside your document root for maximum security. This way, if your webhost fails you and begins serving PHP files as text files (happens), no one can get your DB credentials.

Hi thank you for your answer. Would this be implemented like globally or would there be something else.

It can be done in many ways, but what is common is to put it in a settings file, and keep that file outside of the webroot, so that information about the database password can not accidentally leak into the web.

For PostgreSQL, I really like to use pg_service.conf . It allows me to put all connection specific settings (hostname, database name, username, password, etc) into ~/.pg_service.conf or to /etc/postgresql-common/pg_service.conf and give them common name (service name).

Now, any program (Perl, PHP, etc) that wants to connect to database can simply specify «service=name» as their connection string — nice, clean, secure and easily maintainable.

As far as I know, MySQL has similar mechanism for ~/my.cnf or /etc/my.cnf files — you may want to look into that.

Источник