iRev database access security question

Paul Hibbert lc at pbh.on-rev.com
Fri Feb 10 08:10:16 EST 2012


Hi Jonathan,

I seem to remember you can put the username & password in a small iRev file and store it inside your cgi folder (for security), then call it by using 'include', I'm sure there are some more knowledgable people here that can fill in the details though.

Paul


On 10 Feb 2012, at 12:18, Jonathan Lynch wrote:

> Hi everyone,
> 
> If I have an iRev page that is going to access a database, I have to use a
> database query that includes the user name and password. Is it safe to put
> that information directly into the iRev page? That seems risky to me.
> 
> If I put the information into another page and I use a script to pull in
> the information, wouldn't a hacker be able to look at the script, learn the
> location of the other page, and then directly access that page?
> 
> I realize that the scripts on an iRev page do not show up when you view the
> source of the page through a browser. Does this mean that the script
> information on an iRev page is genuinely secure?
> 
> I appologize if these are ignorant questions.
> 
> Many thanks,
> 
> Jonathan
> 
> -- 
> Do all things with love
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode





More information about the use-livecode mailing list