TalkPHP - Most efficient way of storing database configurations?

Page 1 of 2

Show 40 post(s) from this thread on one page

TalkPHP (http://www.talkphp.com/forums.php)

- Advanced PHP Programming (http://www.talkphp.com/advanced-php-programming/)

- - Most efficient way of storing database configurations? (http://www.talkphp.com/advanced-php-programming/1520-most-efficient-way-storing-database-configurations.html)

bdm	11-26-2007 08:20 PM

Most efficient way of storing database configurations?

So i have 3-4 databases which I need to access within the same application. I know I should be storing the database configurations in a config.php file (which I have). The way I'll be accessing these is when I create a new database object, I'd like to specify which credentials to use.

So essentially, I'd like to be able to do something along these lines:

PHP Code:


		
			
$serverName = DatabaseFactory::factory('mysql', $databaseName);

Or if someone knows of a better way, let me know.

Thank you. :)

sketchMedia

11-26-2007 08:52 PM

ok, im guessing all you DB's are on the same server?

In the factory have the function mysql_select_db(), that is provided they are on the same server, thus the link identifier (created from mysql_connect function) will work.

Just something i thought of off the top of my head.

bdm	11-26-2007 08:58 PM

I don't follow.

My config.php file also has to have the info (username, password, ...) to connect to several databases.

And not all databases are located on the same server. ;)

sketchMedia

11-26-2007 09:23 PM

right, then i think you will need a new link identifier then, my original thought was that you have the same server but with different DB's, then my example would work.

ill have a think about that, need to find a source of coffee to get my brain working.

bdm	11-26-2007 09:27 PM

;)

I've played with the Zend Framework for a bit. And the way it seems to handle it is by putting the their configuration settings into an array, then loading it into the registry. Then when you need a connection, you simply use the registries get method.

sketchMedia

11-26-2007 09:31 PM

Why not load your config settings into a multi dimensional array?
For example:

PHP Code:


		
			
$serverName = DatabaseFactory::factory('mysql', $databaseName);

inside your factory:

PHP Code:


		
			
$configArray[$databaseName]['host'];
$configArray[$databaseName]['user'];
$configArray[$databaseName]['pass'];

etc.

Tanax

11-26-2007 09:32 PM

I have like this...

php Code:

class DBmysql implements iDB {
        
        private $host;
        private $user;
        private $pass;
        private $data;
        public $table = array();
        public $col = array();
        
        
        public function setHandler($host, $user, $pass, $data) {
            
            $this->host = $host;
            $this->user = $user;
            $this->pass = $pass;
            $this->data = $data;
            
            return $this;
            
        }
        
        public function connect() {
            
            @mysql_connect($this->host, $this->user, $this->pass) or die("Could not connect to the database.");
            
            return $this;
            
        }
        
        public function select() {
            
            @mysql_select_db($this->data) or die("Could not select database.");
            
            return $this;
            
        }

etc....

So you just do like this to call it:

php Code:

$tanaxia['database'] = DB::getInstance($tanaxia['config']['database']['type']); 
$tanaxia['database']->setHandler(
                
                        $tanaxia['config']['database']['host'],
                        $tanaxia['config']['database']['user'],
                        $tanaxia['config']['database']['pass'],
                        $tanaxia['config']['database']['data']
                        
                        )
                        ->connect()
                        ->select();

All those variables are set in the config.php

And what you can do then, is to make a script that loads the database name from a .txt file

And then another script that allows you to change that value.

So your $tanaxia['config']['database']['data'] would be the value of the string in the .txt file ;)

Piece a cake :) or not xD
But that's the idea anyways.

bdm	11-28-2007 02:23 PM

Sounds good, I'll put them in associative arrays. :)

Morishani

11-28-2007 05:14 PM

Quote:

Originally Posted by Tanax (Post 4596)

And what you can do then, is to make a script that loads the database name from a .txt file

And then another script that allows you to change that value.

So your $tanaxia['config']['database']['data'] would be the value of the string in the .txt file ;)

Puting the database name or any database information in any file that is accessible to users somehow is not a good idea.

If you put the database name or any information like that in a text file make sure with .htaccess (for apache) or otherway (for other servers) that the file is not accessible to users.

bdm	11-28-2007 05:54 PM

My config files are not in the root directory, so that shouldn't be a problem. And I always make sure to lock those directories with .htaccess. :)

Morishani

11-28-2007 05:59 PM

Quote:

Originally Posted by gcbdm (Post 4703)

My config files are not in the root directory, so that shouldn't be a problem. And I always make sure to lock those directories with .htaccess. :)

Oh, if you make sure the files are locked then it's ok ^^

sketchMedia

11-28-2007 10:37 PM

alternatively just name your config file with the .php extension, then the contents is hidden from the user.
But if the config is outside the root and locked then it should be ok i reckon

EyeDentify

11-29-2007 10:26 AM

Maybe you could get some use for the function:
http://se.php.net/manual/sv/function.parse-ini-file.php

Wildhoney

11-29-2007 02:57 PM

One downside with the INI file approach is that if somebody directly visits that file, it won't be parsed as PHP and thus show the MySQL credentials in all their beauty. You will need to be quite up with the htaccess file configuration in order to consider such an approach, that way you can prevent access to the INI file.

bdm	11-29-2007 04:58 PM

Quote:

Originally Posted by Wildhoney (Post 4773)

True.

Guess in that case you could tell your htaccess file to redirect any requests to *.ini . :)

Wildhoney

11-29-2007 09:22 PM

Yep. The best technique is to pretend as though the file does not exist. Use the same type of request, such as 301 move, regardless of whether or not they've found the correct config file, or a file that doesn't exist. That way they will never know, unless of course they crack your code - which still makes it tougher, if they've found a config file or not.

bdm	11-30-2007 12:18 PM

WildHoney, It's like you read my mind because that it exactly how I was going to approach it. :)

Wildhoney

11-30-2007 12:30 PM

This is good! :-) Just ensure that you use the same kind of redirect. That will only matter if somebody is determined to crack your code as they will need to read the HTTP headers to deduce the type of redirect. There are a whole array of redirects - such as 301 redirect is the one most people will be aware of if they've touched upon SEO before, but it doesn't matter which one you choose as long as you're consistent.

Salathe

11-30-2007 03:16 PM

Using a 301 means that the resource does exist but it is to be found at another location. I'd prefer a 404 (not found) error to be produced.

Wildhoney

11-30-2007 03:33 PM

A 404 is not bad if you customise your errors, but if you remain consistent with whichever you decide to go for, then you'll have no problems. Redirecting would simply redirect back to the home page.

All times are GMT. The time now is 07:57 AM.

Page 1 of 2

Show 40 post(s) from this thread on one page