Re: define()

On Jun 16, 2012, at 6:39 AM, Maciek Sokolewicz wrote:

> On 16-06-2012 08:36, Karl DeSaulniers wrote:
>> Quick question phprz. Is it ok to put a token inside a define()  
>> statement?
>>
>> IE:
>> define('TOKEN', $sometoken);
>>
>> I guess what I am really after is if this can be read by a hacker?
>> I may be misguided as to what define()'s parameters are.
>> Once you define something it becomes a server variable?
>> And server variables are easy to read/get ?
>>
>> If it is unsafe, what is the best method of storing/using a token so
>> that it can be called at will?
>> Kind of like a global, just more secure. Can you secure a define  
>> statement?
>>
>> TIA,
>>
>> Best,
>> Karl DeSaulniers
>> Design Drumm
>> http://designdrumm.com
>>
>>
>
> I don't think you understand what define does, or what a constant is.
>
> The define function literally "defines" a constant. That is, it  
> creates a constant in your script.
> A constant isn't a server variable, it's not some kind of special  
> global whatever.
>
> A constant is a kind of variable, but which is constant; that is, it  
> can not change value once set. Constants in PHP look like variables,  
> only without the preceding $-mark. They are not inherently safer or  
> better than normal variables.
>
> Now, the question we would all like to pose is: "what are you trying  
> to do?". You say you're looking for the best method of storing/using  
> a token to be called at will. Then of course a good question would  
> be "what do you mean by 'token'?" and what do you want to do with  
> that 'token'? Why is that 'token' so important to you?

Thanks for the reply. I had a feeling I was off-track.
I am using the token for a paypal verification. Paypals PDT.
Would like to know how to store safely in my config file to use in my  
scripts.

Karl DeSaulniers
Design Drumm
http://designdrumm.com

--

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php