/    Sign up×
Community /Pin to ProfileBookmark

PHP Include

Copy linkTweet thisAlerts:
Nov 04.2008

Hi all.

I have a problem that I’m working on that I have posted on here before, but I’d like to attack this from another angle.

I need to keep two pieces of data, that will be two different variables that never change, secure and unviewable. I’m wondering if what I’m about to suggest will work and if anyone has any more specific information for making such an implementation.

The thought:
I’d like to have the main page, a php form, be able to post to a script on another server (I have all this information) but in order for my main page to access this other script, it must pass login information (the two pieces of data) to the other server.

I’m wondering if a good method of accomplishing this would be to:
Have the main page
Have a second php page that will only contain these two variables (I’m thinking global variables??)
Have the main page “include” the second page to access the data those variables hold without allowing everyone else to view it.

Is this a viable solution to keep data hidden but remain accessible. If so, is my thinking correct on making them globals (they just have to be defined as globals on both pages to access them correct?)? etc.

Any thoughts/suggestions would be greatly appreciated!

to post a comment
PHP

4 Comments(s)

Copy linkTweet thisAlerts:
@scragarNov 04.2008 — Unless your server has a secure login anyone can access the information by loading the file you are including anyway, so I can't imagine you getting any better security in this way...

Of course it all depends on your level of security required, if the only thing to need to protect is the 2 variables on your side, and you are sure the page will be safe(and not throw in some crazy script to wipe out your DB, or email these secret information off to someone else, or whatever), then your way works fine, personally, I would have the page protected by a htaccess login, and load the URL as: [noparse]http://username:[email protected] [/noparse] entirely up to you what you want to do though.
Copy linkTweet thisAlerts:
@NogDogNov 04.2008 — Unless the values need to be changed while the program is running, I'd suggest that you [url=http://php.net/define]define[/url]() them as constants in the included file. (Constants are already in the global scope, so you don't need to worry about the global aspect.)
Copy linkTweet thisAlerts:
@rothndauthorNov 04.2008 — Hey thanks guys! Do you by chance have any info on the htaccess login?? I'm thinking this is exactly what I need but I've never heard of it before.

I will do the constant thing if it comes to this method. Thanks NogDog.
Copy linkTweet thisAlerts:
@rothndauthorNov 04.2008 — Hey NogDog.

Just took a look into the define page you linked. Very helpful (I think this may turn into a viable solution). One thing: My form must pass/post these constants that I'm going to define in the include page.

Ordinarily the form would have "hidden" variables with this same information right in the form. So now I'm wondering, if I already define the values of the variables in the include page, how do I call them within the form so they get posted at the same time as the other information?

Thanks again!!
×

Success!

Help @rothnd spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.21,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...