--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/sharing/config.php Sun May 08 18:11:53 2011 +0100
@@ -0,0 +1,5 @@
+<?php
+// edit these to match your db
+$username = "user";
+$password = "password";
+?>
--- a/sharing/credentials Fri Apr 29 20:05:21 2011 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,1 +0,0 @@
-userid:password
--- a/sharing/phpinfo.php Fri Apr 29 20:05:21 2011 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,13 +0,0 @@
-<?php
-$username = "www-data";
-$password = "nutmeg23";
-$database = "privacy-dashboard";
-
-mysql_connect(localhost,$username,$password);
-
-@mysql_select_db($database) or die( "Unable to select database");
-
-
-echo "It works";
-mysql_close();
-?>
--- a/sharing/query.php Fri Apr 29 20:05:21 2011 +0100
+++ b/sharing/query.php Sun May 08 18:11:53 2011 +0100
@@ -1,4 +1,15 @@
<?php
+ // defines db username and password
+ require("config.php");
+
+/*
+edit config.php to suit your db:
+
+<?php
+$username = "userid";
+$password = "password";
+?>
+*/
$nl = "\n";
$tab = "\t";
@@ -97,6 +108,7 @@
break;
case "9":
+
$sql = "SELECT DISTINCT third_party FROM parties WHERE offsite = 1 " .
"AND page_host LIKE '%" . escape1($param) . "'";
$names = array("3rd party");
@@ -111,7 +123,10 @@
case "11":
$sql = "SELECT host,session_cookies,lasting_cookies,flash_cookies," .
"int_3rd_party_session_cookies,int_3rd_party_lasting_cookies," .
- "int_3rd_party_flash_cookies,ext_3rd_party_session_cookies," .
+ "int_3rd_party_fla<?php
+$username = "www-data";
+$password = "nutmeg23";
+?>sh_cookies,ext_3rd_party_session_cookies," .
"ext_3rd_party_lasting_cookies,ext_3rd_party_flash_cookies" .
" FROM site_info WHERE host LIKE '%" . escape1($param) . "'";
$names = array("host","session","lasting","flash",
@@ -133,21 +148,7 @@
header('Content-Type: text/plain');
- // read credentials from local file
- $creds = file_get_contents("credentials");
-
- if (!$creds)
- {
- header("HTTP/1.0 500 Internal Error");
- die("500 Internal Error - Couldn't get credentials for database access");
- }
-
- // file content: userid:password
- $creds = explode(":", $creds);
- $username = trim($creds[0]);
- $password = trim($creds[1]);
-
- $database = "privacy-dashboard";
+ $database = "dashboard";
$db = mysql_connect("localhost",$username,$password);
if (!$db)
--- a/sharing/share.php Fri Apr 29 20:05:21 2011 +0100
+++ b/sharing/share.php Sun May 08 18:11:53 2011 +0100
@@ -1,4 +1,7 @@
<?php
+ // defines db username and password
+ require("config.php");
+
mb_internal_encoding("UTF-8");
// crude check on data integrity
@@ -251,7 +254,7 @@
$username = trim($creds[0]);
$password = trim($creds[1]);
- $database = "privacy-dashboard";
+ $database = "dashboard";
$db = mysql_connect("localhost",$username,$password);
if (!$db)
--- a/sharing/site.php Fri Apr 29 20:05:21 2011 +0100
+++ b/sharing/site.php Sun May 08 18:11:53 2011 +0100
@@ -1,4 +1,6 @@
<?php
+ // defines db username and password
+ require("config.php");
$nl = "\n";
$tab = "\t";
@@ -51,9 +53,7 @@
do_query($sql, $names);
}
- $username = "www-data";
- $password = "nutmeg23"; // oops security hole!!!!
- $database = "privacy-dashboard";
+ $database = "dashboard";
$db = mysql_connect("localhost",$username,$password);