What about storing those variables in a MD5 encrypted file? Or - if this is too complex to setup for a "normal" user - we could give the possibility to manually set that method for "experienced" users..
« on October 2nd, 2012, 11:10 PM »
What about storing those variables in a MD5 encrypted file?
Oh, I see. Well I was a bit worried that the password is displayed in plain text.. what if apache/nginx is misconfigured and instead of serving the file (Settings.php), it's downloaded..?
Also, letting admins move that file around the server (for example in /var/www/something/.. or /home/user/...).. it's more likely to be protected there (it's more difficult to mess with permissions)!
It would be useful for adding on more php features to a community without having to make a bridge.
I apologize if I'm not up to snuff when it comes to advanced web development.
I was thinking of hashed passwords to put outside the web root.
I have the function that saves the picture; just need to finagle it and study how wedge submits regular pictures into the gallery, and it might just be crazy enough to work.
Can't remember where I first got it, but with Apache you can set server variables from inside the config file - you can access these from PHP easily enough