• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

BUG When the snippets are saved, security concern with passwords

thegaffney

New member
Messages
1
Likes
0
Points
1
#1
Now that I have to put my PHP code inside a wordpress text box and save it using your plugin, instead of just including external files. I'm very concerned about inserting code that includes things such as my 3rd party database passwords.

It appears it is just saved the code to the wp_posts table

How can I avoid having my passwords saved as plain text into the database?

Can I instead reference variables set in the functions.php file or?

How did the old version work, was that still an issue then?
 

Temyk

Support team
Staff member
Messages
125
Likes
10
Points
18
#2
Hello.

You should not store your variables in the functions.php file because it is overwritten when you update Wordpress.

Instead, declare a constant with a password in wp-config.php:
define( 'MY_PASSWORD', 'password' );
and use it in a snippet:
$password = MY_PASSWORD;