Can it easily be hacked or cracked?

[Larneman]

Is this a "secure" or "safe" method of connecting via a PHP page to a MySql database.

Can it easily be hacked or cracked.

Are there better methods? All tips welcome.

<?php

$usr = 'prefix_user';
$pwd = 'password';
$db = 'prefix_database';
$host = 'mysql.jodoshared.com';

$id = mysql_connect($host,$usr,$pwd);
if(!$id)
{
echo "Couldn't connect to database_result";
}
mysql_select_db($db) or die('Database not found_result');

$query_stub = "select firstname, surname, agetext, address, parish, "
."county, person.id "
."from household, person where "
."household.id = person.hsehold and ";

 

[doctorallia]

i would store your connection piece in a different file, and then execute it. Doing so this way does a few things:

1. You can change your password every once in a while and not have to change a bunch of connections in many files.

2. You can have that file in a folder which cannot be accessed by anyone but the server, which makes your password safer.

 

[Larneman]

"in a different file, and then execute it"

How do you execute it?

Interesting points in Item 1, thanks.

Item 2 is again over my head as well.
I had thought about using "include" and putting the file in the root but that does not work.

Liam

PS: I just started with PHP/MySql

 

[doctorallia]

you can either do include() or require() is all i meant by execute

 

[doctorallia]

just set up a directory that is inaccesable to users

 

[Larneman]

Thanks, It is a lot clearer. I was thinking off an excutable file like an .exe . is what you were meaning. I will read up again on include() and now a new one , require()
Very helpful tips.

Liam