PHP Mailer Class - Securing Email Credentials
Posted
by
Alan A
on Stack Overflow
See other posts from Stack Overflow
or by Alan A
Published on 2013-10-17T15:52:00Z
Indexed on
2013/10/17
15:54 UTC
Read the original article
Hit count: 189
I am using the php mailer class to send email via my scripts.
The structure is as follows:
$mail = new PHPMailer;
$mail->IsSMTP(); // Set mailer to use SMTP
$mail->Host = 'myserver.com'; // Specify main and backup server
$mail->SMTPAuth = true; // Enable SMTP authentication
$mail->Username = '[email protected]'; // SMTP username
$mail->Password = 'user123'; // SMTP password
$mail->SMTPSecure = 'pass123';
It seems to me to be a bit of a security hole having the mailbox credentials in plain view. So I thought I might put these in an external file outside of the web root. My question is how would I then assign the $mail object these values.
I of course no how to use include
and/or requires
... would it simple be a case of....
$mail->IsSMTP(); // Set mailer to use SMTP
$mail->Host = 'myserver.com'; // Specify main and backup server
$mail->SMTPAuth = true; // Enable SMTP authentication
includes '../locationOutsideWebroot/emailCredntials.php';
$mail->SMTPSecure = 'pass123';
Then emailCredentails.php:
<?php
$mail->Username = '[email protected]';
$mail->Password = 'user123';
?>
Would this be sufficient and secure enough?
Thanks,
Alan.
© Stack Overflow or respective owner