PHP Mailer Class - Securing Email Credentials

Posted by Alan A on Stack Overflow See other posts from Stack Overflow or by Alan A
Published on 2013-10-17T15:52:00Z Indexed on 2013/10/17 15:54 UTC
Read the original article Hit count: 189

Filed under:
|
|
|

I am using the php mailer class to send email via my scripts.

The structure is as follows:

$mail = new PHPMailer;

$mail->IsSMTP();                                      // Set mailer to use SMTP
$mail->Host = 'myserver.com';  // Specify main and backup server
$mail->SMTPAuth = true;                               // Enable SMTP authentication
$mail->Username = '[email protected]';                            // SMTP username
$mail->Password = 'user123';                           // SMTP password
$mail->SMTPSecure = 'pass123';  

It seems to me to be a bit of a security hole having the mailbox credentials in plain view. So I thought I might put these in an external file outside of the web root. My question is how would I then assign the $mail object these values.

I of course no how to use include and/or requires... would it simple be a case of....

$mail->IsSMTP();                                      // Set mailer to use SMTP
$mail->Host = 'myserver.com';  // Specify main and backup server
$mail->SMTPAuth = true;                               // Enable SMTP authentication

includes '../locationOutsideWebroot/emailCredntials.php';

$mail->SMTPSecure = 'pass123';

Then emailCredentails.php:

<?php
$mail->Username = '[email protected]';
$mail->Password = 'user123';
?>

Would this be sufficient and secure enough?

Thanks,

Alan.

© Stack Overflow or respective owner

Related posts about security

Related posts about email