| Encrypting DB Access Info |
[eluser]Unknown[/eluser]
At a minimum, I want to encrypt both the username and password for accessing a database. I HATE storing plain text usernames/passwords in config. files or in code >:-( If I decide to put DB access info. in the MODEL (which makes sense). What would I need to do to be able to override the DB access functionality that CI uses (I guess via it's DB class)? In the end, I want to be able to perform decryption to get the username/password and connect to the appropriate DB account. Any insight would be GREATLY appreciated! :-)
[eluser]pistolPete[/eluser]
Quote:In the end, I want to be able to perform decryption to get the username/password Which encryption algorithm do you want to use? If you want to decrypt the access data you have to store the encryption key in the code, how is that better? Quote:What would I need to do to be able to override the DB access functionality that CI uses (I guess via it’s DB class)?Have a look at Extending_Database_Drivers.
[eluser]m4rw3r[/eluser]
I think you can put it in Apache env vars too, then you can store them in memory without having them on disk (better than in a file, but still not secure). Haven't tried it myself, but it should be possible. Then after you've stored them in apache, you fetch and assign them to normal vars in the database config file. |
| Welcome Guest, Not a member yet? Register Sign In |
MENU
EXTRA MENU
ABOUT US
CodeIgniter is a powerful PHP framework with a very small footprint, built for developers who need a simple and elegant toolkit to create full-featured web applications.
