Hopefully your database server is only accessible from your web server, whereas PayPal is reachable from any other computer in the world.
On Aug 19, 2011, at 06:02, WebbedIT wrote: > Playing devil's advocate here, doesn't having your database password > available in /app/config/database.php carry the same risk? > > On Aug 18, 4:58 pm, "[email protected]" wrote: >> I'm not really sure what you mean about paypal generating API keys, >> the ones they give you when you sign up for an api account don't >> change as far as I know. What's the usual way of keeping these things >> secure? -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php
