Is there a difference between saving settings to dotEnv, JSON or INI?

Asked

Viewed 94 times

2

To save sensitive application data, it is recommended to save in dotEnv or I can save in any other format where the file is not in the public directory?

I see many talking about dotEnv, I wanted to know why they say it is so safe, and it is practically identical to .ini. What are the differences?

  • I believe I can only hold it if it’s encrypted.

  • 1

    I usually create a config.php and throw the configuration variables in it. If someone thinks this is a bad practice, I would like to know why.

1 answer

4


Friend, dotEnv is more of a ease standardization. It used to be XML is now Json, more or less so. Um . ini or config.php in security matters is the same thing, you can give require above public_html and no one on the web will see the file. The question of dotEnv is its ease, carries it from some hidden place and then just use $_ENV['senha_bd'] when you need it, no fancy code or gambiarra.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.