Store the connection strings in an include file preferably outside the 
wed root. You can include files with a fully resolved path, or using the 
php include_path variable if you have access to the configuration. 
Alternately, if you don't have access to directories outside the 
webroot, put the

patrick gibson wrote:

> I'm new to PHP, and I have a question regarding the storage of connection
> properties to the database. I have a site on a shared (Unix) server. I'm
> adding some PHP to a section which will be database-driven. I'm concerned
> about storing the username and password to my database (some of the data
> contained within this database is sensitive) in my PHP files which are
> readable by the webserver, and thus by anyone on the system.
> Is there a recommended strategy for keeping my database username and
> password in a secure location so that no other user can access the files?
> Any help would be greatly appreciated.
> Thanks very much,
> Patrick
> ---| patrick gibson |---------------+
>  email: email @
>  url:
> ------------------------------------+

"Out beyond the ideas of wrong-doing and right-doing
there is a field. I'll meet you there."
*** under construction ***   Healing Resources on the Central Coast   Internet Development

PHP Database Mailing List (
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to