
I created a website a bit ago that is open-source. Every file has the line:

```php
require('/var/www/civ/other/req.php'); // This loads all code located in /req.php
```

(The code for /req.php is visible here if that matters)

The eighth line of this connects to the MySQL database:

```php
$con = mysqli_connect('HOST', 'USER', 'PASSWORD', 'DATABASE_NAME');
```

In the production file, it has the actual host/user/password/database name. Whenever I commit changes, I just manually go to that line and replace the real information with dummy information. However, sometimes I forget and I have to roll back the commit and re-commit, during which time someone could have seen the real password. I've thought about putting it in a text file in a non-/www directory with read permissions only given to Apache/PHP and using file_get_contents, however:

  • Because this is open source, everyone knows the exact path to the file, so someone could trick PHP into echoing the contents

  • Because this file is called on every page, I would double the I/O required to load a page.

How do I store the password so a git commit can't reveal it?

asked by Jon

Comments:

  • It's general practice not to commit the database credentials (add them to the `.gitignore` file). – Darren Mar 23 '15 at 01:22
  • @Darren This page does a lot of things, including connect to the database. The entire file is 318 lines long. If I didn't commit it, code that runs on every page would be missing. – Jon Mar 23 '15 at 01:23
  • Well then remove the database connection settings from that file, and move them into their own little file that contains only those and nothing else … – CBroe Mar 23 '15 at 01:24
  • Do as @CBroe just stated. It's the way you should be doing it. – Darren Mar 23 '15 at 01:24
  • Then refactor out the credentials into a separate file and parse it in your req.php file. – Montycarlo Mar 23 '15 at 01:25
  • _"Because this is open source, everyone knows the exact path to the file, so someone could trick PHP into echoing the contents"_ – only if they could get their own PHP code executed within your system in the first place – and then you have a lot more problems. (And that "security by obscurity" doesn't work should be common knowledge by now.) – CBroe Mar 23 '15 at 01:27

0 Answers
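The refactor the comments recommend, written out as an added example (this is not code from the site in the question, and no answer was posted). It moves the credentials into a PHP file outside the web root that is listed in `.gitignore`, and has req.php load it with `require` instead of `file_get_contents`, which also answers the two objections in the question: a file that *returns* an array produces no output if it is ever included or served by mistake, and `require` goes through the same include path and opcache as the rest of req.php, so it does not add a second disk read per page. The directory `/var/www/civ/private/`, the file names `config.php` and `config.example.php`, the array keys and the function name `civ_db_config` are assumptions made for the example.

```php
<?php
// Added example, not the original site's code. Assumed layout:
//   /var/www/civ/other/req.php            -- committed, contains no secrets
//   /var/www/civ/other/config.example.php -- committed, placeholder values, same shape
//   /var/www/civ/private/config.php       -- NOT committed (in .gitignore);
//                                            chown root:www-data, chmod 640
//
// .gitignore entry (relative to the repository root):
//   private/config.php
//
// ---- /var/www/civ/private/config.php (untracked; real values live here) ----
// A PHP file that returns an array rather than a .txt read with
// file_get_contents(): if it is ever served or included by accident it
// emits nothing, because nothing in it is echoed.
//
//   <?php
//   return [
//       'host'     => 'db.internal',
//       'user'     => 'civ_app',
//       'password' => 'REAL-PASSWORD-HERE',
//       'database' => 'civ',
//   ];
//
// ---- /var/www/civ/other/req.php (committed) ----
declare(strict_types=1);

/**
 * Load the untracked credentials file once per request and validate its shape.
 * Errors fail closed with a generic message; neither the path nor the
 * contents are ever written to the response.
 */
function civ_db_config(string $path = '/var/www/civ/private/config.php'): array
{
    static $config = null;            // memoised for the rest of the request
    if ($config !== null) {
        return $config;
    }
    if (!is_readable($path)) {
        http_response_code(500);
        exit('Database configuration missing.');
    }
    $loaded = require $path;          // the file's return value is the array
    foreach (['host', 'user', 'password', 'database'] as $key) {
        if (!is_array($loaded) || !isset($loaded[$key]) || !is_string($loaded[$key])) {
            http_response_code(500);
            exit('Database configuration incomplete.');
        }
    }
    $config = $loaded;
    return $config;
}

$cfg = civ_db_config();

// Throw on failure instead of returning false, so a bad password cannot
// silently leave $con unset for the rest of the page.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
try {
    $con = mysqli_connect($cfg['host'], $cfg['user'], $cfg['password'], $cfg['database']);
} catch (mysqli_sql_exception $e) {
    // The driver's message can include the host and user name: log it server-side only.
    error_log('DB connection failed: ' . $e->getMessage());
    http_response_code(500);
    exit('Database unavailable.');
}
unset($cfg); // keep the password out of the global scope once connected
```

Commit `config.example.php` with the same keys and dummy values so contributors know what to create, and confirm the real file is ignored before the first commit with `git check-ignore -v private/config.php`, which prints the rule that matches it (or nothing if it would be committed). If the file was ever tracked, `git rm --cached private/config.php` stops tracking it without deleting it from disk. One caveat the question skips over: rolling back a commit that contained the real password does not unpublish it. Anyone who fetched in the meantime still has it, and it remains in the reflog and any forks, so the password that was pushed should be rotated on the database server regardless of how the history is cleaned up.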