Open mfsi-suryar opened 3 years ago
Yep agreed! thanks @mfsi-suryar this is very important @aryanxorian @Nikkii1999 @SubhajitDas98 , please remove them from git versioning. we set these config values while deploying to different env test/staging/production, so they are different for each environment and then there is a security concern that if someone gets access to your git codebase, they might be able to access your resources which puts database, servers and other things at risk. so these need to set in a file(json/yaml/.env etc.) that you generate while deploying on servers + local environment, which should be read from your PHP script to use these values.
https://github.com/aryanxorian/ecommerce-website/blob/54cdf603dfb492e06794f67af4c07b9fcc1d0b44/configd.php#L2
Don't push config details to version control.
configdb.php
into version control. You can add this to.gitignore` and create a new example file like
configdb.php.exampleinto version control. While setting up the project, you will copy this file to
configdb.php``` and add the credentials there.