问题
Ok, I'm using PHPMailer to send email.
So in the php code I add my SMTP username, which is my gmail account and the SMTP password, which is my gmail account password.
So my GMAIL ACCOUNT ACCESS is EXPOSED in php CODE, although the server discards the php after it's been interpreted so nobody can see it, my question is, is this reliable? Should I leave my gmail access in the code or should I save it in my database?
Thanks in advance
回答1:
Any developer with access to your code will be able to access your credentials. Saving these in a database may make it a little tougher to gain access to the details, but only slightly.
If you are truly concerned about the credentials used, create an account dedicated to your site and do not use a personal account.
来源:https://stackoverflow.com/questions/13017622/phpmailer-hide-smtp-authentication