You are required to register before you can post. This is via a custom verification system. Please post any problems you are encountering here and I`ll do my best to respond as soon as I can. Please note that a reply WILL be posted to all queries, so do not double post. There are no guarantees
when a reply will appear but I do my best to answer all within 3/4 days max. Bumping topics won`t make the slightest difference.
IMPORTANT: Posts in English ONLY please, thank you! Any other languages will be ignored and your message deleted.
SEARCH: Use the search option to see if your question has been answered on the forum before. Or check the relevant script docs.
CUSTOMER: If you have purchased a commercial version of any of my software, using the contact option at the licence centre ensures a faster response.
AUTO DELETION: Accounts older than 5 days, with no posts or topics, are automatically deleted. Only register if you are thinking of posting.
PRIVATE MESSAGES: Private messages are currently disabled.
LINKS: Any links posted are 'NOFOLLOW' and will not be picked up by search engines.
Hi, would you please give some step-by-step instructions on securing the password files as per:
'For absolute security, its best to store the password file and the connection file OUTSIDE of the web root. This is for advanced users and shouldn`t pose a problem. Put the files outside and then alter the paths to suit.'
I altered my admin/index.php folder to reference the new file paths of password.inc.php and db_connection.inc.php to a folder outside of my web root. I sucessfully moved the password.inc.php file outside my root folder, and can log-in to my admin panel fine.
However, if I try to move my db_connection.inc.php file out there, the site won't load and I get errors. Right now I have one db_connection file outside my root folder so I can log-into the admin panel; and another copy still in the /inc folder of my website, so the site will load.
Here's the error I get if I delete that second db_connection file from my public_html eCards folder:
Warning: include(/home3/username/public_html/eCards/inc/db_connection.inc.php) [function.include]: failed to open stream: No such file or directory in /home3/username/public_html/eCards/index.php on line 22
Warning: include() [function.include]: Failed opening '/home3/username/public_html/eCards/inc/db_connection.inc.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home3/username/public_html/eCards/index.php on line 22
Warning: mysql_query() [function.mysql-query]: Access denied for user 'username'@'localhost' (using password: NO) in /home3/username/public_html/eCards/index.php on line 126
Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home3/username/public_html/eCards/index.php on line 126
Access denied for user 'username'@'localhost' (using password: NO)
I am thinking the problem is in the main ecards index.php page?
// Set path to greetings folder
I tried putting in the path of my db_connection.inc.php file of the folder outside my root folder, but it still doesn't work. i.e. include(FOLDER_PATH.'/home3/username/passfolder/db_connection.inc.php ');
Any help would be appreciated. This seems like a great script. My last ecards site was hacked, and I want to do everything possible to prevent it with this one.
Last edited by cowgirlmodel (28-09-2009 08:11:52)
You are nearly there with this:
include(FOLDER_PATH.'/home3/username/passfolder/db_connectio n.inc.php ');
You don`t need FOLDER_PATH, just simply:
Hooray, it worked! Thanks a ton, and I really appreciate the script.
A note for anyone else who may need help with this - you will also need to change your cron files to reflect the new db_connections.php path.
Last edited by cowgirlmodel (03-10-2009 00:34:45)