>file by FTP for example). If you're really paranoid, put the
>username/password outside your htroot into a separate file, say
>passwords.inc and include it into php with
>include('/secure/passwords.inc'), but this isn't really needed, and
>BTW, it won't make the connection method more secure, or insecure.
Perhaps I'm paranoid.. don't think it's bad.
I would recommend putting it outside the htroot.. this will prevent people
from seeing it if someone screws up the serverconfig..
Another thing.... I wouldn't call it password.inc.. if someone would gain
access to your userdir they would first look for something with password or
passwd in it.. give it an unrelated name..
I must agree that it won't make your PHP script more secure since it's
parsed. But it's always a good thing to be carefull.
Bye,
B.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
