I'm working on a simple task management web app using PHP and MySQL, designed for local or small team use. To set it up, users will go to a setup page where they enter their database credentials so the server can create the necessary tables for the app. This setup will include a username and password for the database, as well as an admin email and password.
My question is, what is the best way to store the database credentials provided by users? Since the app needs these credentials to connect to the database, storing them in another database isn't an option. Would it be better to write them to a configuration file and secure that file with htaccess restrictions?
2 Answers
I've seen a lot of web apps handle this by writing the credentials to a configuration file. It's common to store them in a way that the application can read them at runtime but also protect those files from unauthorized access.
Exactly, just be sure to set the right permissions on that config file! You want to make sure it’s not publicly accessible. Using htaccess restrictions on the directory can help with that.
Related Questions
How to Build a Custom GPT Journalist That Posts Directly to WordPress
Cloudflare Origin SSL Certificate Setup Guide
How To Effectively Monetize A Site With Ads