On May 3, 2005, at 3:48 AM, [EMAIL PROTECTED] wrote:
When useing ESQL (via AxKit::XSP::ESQL) to connect to a MySQL datadase, I
have the connection details hard coded into the xsp page (username,
password etc.) This seems unsecure. I don't like the thought of having my
MySQL username and password hardcoded into the page. Is there some way I
can store these details elsewhere (preferably encryped) and reference then
from the xsp somehow?
I'm not sure how MySQL functions, but I know with PostgreSQL it can read in its connection details from environment variables. So I have entries in my Apache configuration (which is readable only by root) that look like the following:
PerlSetEnv DBI_USER "db_username" PerlSetEnv DBI_DSN "dbi:Pg:dbname=..."
Then in your XSP code, you simply leave off any connection parameters:
<esql:connection>
<esql:execute-query>
...
</esql:execute-query>
</esql:connection>-- Michael Nachbaur <[EMAIL PROTECTED]> http://nachbaur.com/pgpkey.asc
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
