you could put your php scipts that contain senstive stuff like database logins and 
passwords etc in a dir thats not under the public_html dir (or whatever yours is) i.e. 
under your root you might have 'public_html', 'tmp', 'cgi-bin' etc. create a dir and 
call it what you like ('php' would do) and put your scripts in there. when you need to 
use them on a page put this code in 

ini_set('include_path', '../php');
require 'your_php_script.php';

../ tells the script to look up a dir so ../../ would go up 2 etc

hope this makes sense


-----Original Message-----
From: Leendert [mailto:[EMAIL PROTECTED]]
Sent: 03 October 2002 10:00
Subject: [PHP-DB] Re: The noob is back! About this directory security...

"Brett Lathrope" <[EMAIL PROTECTED]> wrote in message
> I want to thank everyone that helped me with phpMyAdmin suggestions.  It
> took me 6 and a half hours to get it to work, but I got it to work!  LOL!
> You guys have no idea how confusing the configuration file is for some
> is new to php and doesn't know unix.
> And that leads me to my question.
> I have a directory where I put phpMyAdmin, how to I keep everyone out but
> me...yet still be able to access it myself.

You can use .htaccess to secure your directory with a user/pass.

> Also, when I create my PHP scripts to access this database (which I've
> actually done) I want to put them in a directory that is safe from prying
> eyes but usable by those coming in through the browser (if that makes
> sense).

Not quite sure what you mean. If you mean people aren't allowed to read your
code: surprise, that's not possible given your PHP configuration is set up

> You guys keep talking about this chmod command...but I'm using WS-FTP LE
> all I get is Owner, Group, and Other with the options to set Read, Write
> Execute for each.

That is pretty much what chmod does. I think it will become clearer if you
read some about chmod.

> And I've read that I should be 2 directories down?

Don't believe everything they tell you. (More seriously: I have no idea what
you mean by that.)

> Thanks guys.
> Brett

PHP Database Mailing List (
To unsubscribe, visit:

PHP Database Mailing List (
To unsubscribe, visit:

Reply via email to