I am relatively new to php. I am currently developing a php 4.x
application running on an apache 1.3.x web server which connects to a
remote sybase SQL ASE 12 server.
My main concern is with the command sybase_connect ("server",
"username","password") on the web server. Obviously, the password field
is in clear text. In the event of a possible security compromise of the
web server (be it through bugs in the O/S, php code or apache server), a
hacker may change file permissions and gain access to the php file
containing the database password.
One machine compromised is bad enough but I would like to protect the
integrity of the database server. Is there a way to set up some kind of
encryption to protect the database password?
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php