AW: Making the content of LC Server Scripts Safe

Nakia Brewer Nakia.Brewer at westrac.com.au
Thu May 22 03:58:19 EDT 2014


Okay,

I'll have a google around and see if I can come to understand that method...

Sent from my iPhone

> On 22 May 2014, at 5:07 pm, "Tiemo Hollmann TB" <toolbook at kestner.de> wrote:
> 
> I think it's not special to LiveCode server scripts. If you communicate from
> LiveCode via PHP to a MySQL db, the db credentials are in the PHP files also
> "visible". You only can protect you server dir with htaccess from being
> ripped. Please correct me, if I am wrong.
> Tiemo
> 
>> -----Ursprüngliche Nachricht-----
>> Von: use-livecode [mailto:use-livecode-bounces at lists.runrev.com] Im
> Auftrag
>> von Nakia Brewer
>> Gesendet: Donnerstag, 22. Mai 2014 06:31
>> An: use-livecode at lists.runrev.com
>> Betreff: Making the content of LC Server Scripts Safe
>> 
>> Afternoon all,
>> 
>> As I venture down the road of learning what the wonders of LC Server
> scripts
>> can do I find myself wondering how safe are the content of these scripts.
>> Being completely new to Web and Server development it's probably a silly
>> question but for example:
>> 
>> I have a LC Server script that is called from a mobile testing app that
>> records the devices location into a MySQL Database using $_GET params.
>> In the LC Server Script file resides all my connection details for my
> database
>> etc.
>> 
>> So, what stops someone from accidentally stumbling across that URL and
> getting
>> the content of that file?
>> 
>> Or am I completely not understanding?
>> 
>> Sorry in advance :)
>> 
>> 
>> 
>> 
>> COPYRIGHT / DISCLAIMER: This message and/or including attached files may
>> contain confidential proprietary or privileged information. If you are not
> the
>> intended recipient, you are strictly prohibited from using, reproducing,
>> disclosing or distributing the information contained in this email without
>> authorisation from WesTrac. If you have received this message in error
> please
>> contact WesTrac on +61 8 9377 9444. We do not accept liability in
> connection
>> with computer virus, data corruption, delay, interruption, unauthorised
> access
>> or unauthorised amendment. We reserve the right to monitor all e-mail
>> communications.
>> 
>> _______________________________________________
>> use-livecode mailing list
>> use-livecode at lists.runrev.com
>> Please visit this url to subscribe, unsubscribe and manage your
> subscription
>> preferences:
>> http://lists.runrev.com/mailman/listinfo/use-livecode
> 
> 
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
> 

COPYRIGHT / DISCLAIMER: This message and/or including attached files may contain confidential proprietary or privileged information. If you are not the intended recipient, you are strictly prohibited from using, reproducing, disclosing or distributing the information contained in this email without authorisation from WesTrac. If you have received this message in error please contact WesTrac on +61 8 9377 9444. We do not accept liability in connection with computer virus, data corruption, delay, interruption, unauthorised access or unauthorised amendment. We reserve the right to monitor all e-mail communications.






More information about the Use-livecode mailing list