Reputation: 325
I have a WordPress site where I want to run a query from a PHP file.
In this file, I have written inline code for the database connection and queries, such as the database username, password, host, etc.
```php
<?php
$DB_Server = "localhost";
$DB_Username = "username";
$DB_Password = "password";
$DB_DBName = "databasename";
$DB_TBLName = "tablename";
$xls_filename = 'export_'.date('Y-m-d').'.xls';
$sql = "Select * from $DB_TBLName";
$Connect = @mysql_connect($DB_Server, $DB_Username, $DB_Password) or die("Failed to connect to MySQL:<br />" . mysql_error() . "<br />" . mysql_errno());
```
Does using this code make my site hackable? I mean, is this code harmful to my site's security?
Upvotes: 1
Views: 102
Reputation: 367
Well, it doesn't have to mean that. It depends on how you use it and how your custom PHP file ties in with the WordPress CMS. Basically, you really don't have to make any custom PHP files that play with the WP database.
WP is a Content Management System, and everything is fitted correctly. If you want to change something, you can edit the functions.php file, or some plugin's file...
+ mysql is deprecated!!! Use either PDO or mysqli.
Upvotes: 3
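The switch from `mysql_*` to PDO suggested in the answer, written out as an added example that is not code from either poster. It goes slightly beyond the question by also keeping credentials out of the script and database error text out of the browser; the `DB_*` environment variable names, the table allowlist and the function names are assumptions made for illustration.

```php
<?php
declare(strict_types=1);
// Added example. The DB_* environment variable names and the table names
// in EXPORTABLE_TABLES are assumptions, not values from the question.
const EXPORTABLE_TABLES = ['orders', 'subscribers'];
const PDO_OPTIONS = [
    PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION, // throw instead of die()
    PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
];

function open_db(): PDO
{
    // Credentials come from the environment, not from literals in a
    // script that sits under the web root.
    $dsn = sprintf('mysql:host=%s;dbname=%s;charset=utf8mb4',
        getenv('DB_HOST') ?: 'localhost', getenv('DB_NAME') ?: '');
    return new PDO($dsn, getenv('DB_USER') ?: '', getenv('DB_PASS') ?: '', PDO_OPTIONS);
}

function fetch_export_rows(PDO $pdo, string $table): array
{
    // Identifiers cannot be bound as parameters, so only allowlisted
    // table names are ever placed in the SQL text.
    if (!in_array($table, EXPORTABLE_TABLES, true)) {
        throw new InvalidArgumentException('table not exportable');
    }
    return $pdo->query("SELECT * FROM `$table`")->fetchAll();
}

function export_or_fail(callable $connect, string $table): array
{
    try {
        return fetch_export_rows($connect(), $table);
    } catch (PDOException $e) {
        error_log('export failed: ' . $e->getMessage()); // detail stays in the server log
        http_response_code(500);
        exit('Export failed.');                          // generic message to the client
    }
}

if (PHP_SAPI === 'cli') {
    // Constructed demo data in in-memory SQLite (needs pdo_sqlite) so the
    // example runs offline; a real page would pass 'open_db' instead.
    $demo = function (): PDO {
        $pdo = new PDO('sqlite::memory:', null, null, PDO_OPTIONS);
        $pdo->exec("CREATE TABLE orders (id INTEGER, item TEXT)");
        $pdo->exec("INSERT INTO orders VALUES (1, 'book'), (2, 'pen')");
        return $pdo;
    };
    print_r(export_or_fail($demo, 'orders'));
}
```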