For everybody who cannot change system settings like ownership of
directories
and access configurations in the webserver:

Make a simple include file containing:
   $db_passwd = "secret";
(just plain ascii) and put it in a directory beneath (or higher than,
whatever
is your point of view) the webroot. For example: <MY_HOME_DIR>/wwwroot is
the
webroot; then place it in <MY_HOME_DIR>, or make another subdirectory there.

In the include statement use the full pathname, like:
include "/home/some_user/hidden_pages/db_pass.inc";

If PHP on your server does not work correctly at any time, then the include
file 
is not included...

It's simple, cheap, and safe!


Success,
Marco



05-09-2001 10:22:04, speedboy <[EMAIL PROTECTED]> wrote:

>> $0 option:
>> Put your user ID and password in a config file, then give only the
>> webserver user access to it.  Read the config file to make it work.  This
>> also allows easy switching between test and production environments.
>
>You can't change the group owner of a file unless you have root.
>
>That does not stop another php user fopen'ing your config file.
>
>
>-- 
>PHP Database Mailing List (http://www.php.net/)
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>
>



--
****************************************************************************
This message contains information that may be privileged or confidential and
is the property of the Cap Gemini Ernst & Young Group. It is only intended
for the person to whom it is addressed. If you are not the intended
recipient, you are not authorized to read, print, retain, copy disseminate,
distribute, or use this message or any part thereof. If you receive this
message in error, please notify the sender immediately and delete all copies
of this message.
****************************************************************************

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to