A basic vanilla PHP function to load variables from an .env file.
When you are creating a basic vanilla PHP project and want to keep your database credentials and/or API key out of your GitHub repository you can use a .env file.
-
Create a file called
.envand place it in your project folder. -
Put your actual database credentials and API keys in your `.env``file:
DB_HOST=<DB_HOST> DB_DATABASE=<DB_DATABASE> DB_USERNAME=<DB_USERNAME> DB_PASSWORD=<DB_PASSWORD> API_SECRET=real_api_key
-
Create a second copy of your
.envfile and name it.env.sample. Use this file to provide instructions to the next programmer using your project code:DB_HOST=localhost DB_DATABASE=database DB_USERNAME=username DB_PASSWORD=password API_SECRET=api_key
-
Make sure your GitHub repo does not include the file named
.env. In your.gitignorefile add:.env
Note
I have excluded this step in this repo so you can view both the .env and .env.sample files.
-
If your
.envfile is accessible from a browser, use a.htaccessfile to hide your.envfile:<Files .env> order allow,deny Deny from all </Files>
-
In your database connection file, add this function to load the variables from the
.envfile, and place them in matching constants:$env = file(__DIR__.'/.env', FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); foreach($env as $value) { $value = explode('=', $value); define($value[0], $value[1]); }
-
Finally, you can use the contants in your database connection and any API code:
$connect = mysqli_connect(DB_HOST, DB_USERNAME, DB_PASSWORD, DB_DATABASE);
