Need help on creating my own config

Hi i need help on making a config.php and security stuff iv’e tried as best i can to do it myself but dont know alot about php. If anyone can give me some info on how to start and what to put.

Your question is too broad to give you an answer. What have you tried? What is the expected result? What result did you get?

I have tried to copy most of the config from the pdo_bumpstart that you gave me so that i can use it on my main index.php but i keep getting stuck as i dont know very much php and dont really know what im looking at.

The expected result would be the same as what i get from the pdo_bumpstart i guess but i dont want the display_pages.php but when i was trying not to use that on the pdo it would give me errors that it was needed.

I just want to have some security for my pages as i don’t have aything.

This is my main index.php and iv’e copied some of the code from the pdo

[php]<?php
session_start();
//Allow direct accsess to this page

define (‘securepage’, true);

require_once (’./myconfig.php’);
?>[/php]

This is my config (myconfig.php) which i have used most of it from the pdo
[php]<?php
$path = realpath(dirname(FILE)) . DIRECTORY_SEPARATOR;

require_once($path . ‘myconfig/databasecon.php’);
require_once($path . ‘config/functions.php’);

//SECURITY STUFF

// Block site from third party frames
//header(‘X-Frame-Options: SAMEORIGIN’);

// HttpOnly is an additional flag included in a Set-Cookie HTTP response header.
// Using the HttpOnly flag when generating a cookie helps mitigate the risk of a
// client side script accessing the protected cookie (if the browser supports it).
//ini_set(‘session.cookie_httponly’, 1);

//----------------------------------------------------------------------------
// Set Error Reporting
//----------------------------------------------------------------------------

error_reporting(E_ALL|E_STRICT);
ini_set(‘display_errors’, ‘1’);

//----------------------------------------------------------------------------
// Set Admin Email
//----------------------------------------------------------------------------

$email_admin = ‘[email protected]’;
$email_from = ‘[email protected]’;

//----------------------------------------------------------------------------
// Dates
//----------------------------------------------------------------------------

// Set Timezone
date_default_timezone_set(‘America/Los_Angeles’);

// MySQL. Format: 2010-07-15 16:33:56
$mysql_datetime = date(“Y-m-d H:i:s”);

//----------------------------------------------------------------------------
// Options
//----------------------------------------------------------------------------

$tableprefix=’’;

$url_website = ‘thiswebsite.com’;

define(“DEBUG”, 1); // Display errors, Sql & Sql Parameters. - 0=Off, 1=On

//----------------------------------------------------------------------------
// Error Handling
//----------------------------------------------------------------------------

define(“EMAIL_ERROR”, 0); // Email errors to $email_admin. - 0=Off, 1=On
define(“LOG_ERROR”, 0); // Log error to file - 0=Off, 1=On

// Error log filename - Use uncommon name for security
$error_log_filename = ‘error.log’;

// Server path to this directory used for error log. Recommend setting error log outside web root dir for security. Default realpath(’.’)
$realpath = realpath(’.’);

$log_directory=“logs”;
$errorlog_path = “$realpath”.DIRECTORY_SEPARATOR."$log_directory".DIRECTORY_SEPARATOR."$error_log_filename"; # Path To Error Log & log filename

//----------------------------------------------------------------------------
// Check Error Log
//----------------------------------------------------------------------------

define(“CHECK_ERROR_LOG”,0); // Makes sure error log is writeable. Set to 1 to check

//----------------------------------------------------------------------------
// Run Function Check Error Log - DO NOT EDIT!
//----------------------------------------------------------------------------

if (CHECK_ERROR_LOG == 1)
{
check_error_log();
}
?>
?>
[/php]

Sponsor our Newsletter | Privacy Policy | Terms of Service