Hi, I'm new to PHP and need to know how I can completely hide Oracle database password
used in OCILogon call. Since all .php pages can be read by www user, if the userid
and password are coded in the .php page, they anyone can fopen this file and view the
contents (right?) - this presents a security problem. So how can I have a database
connection which is secure? Or am I missing something in here?
The code below is what I have.
<?php
putenv("TWO_TASK=ORCL2");
putenv("ORACLE_HOME=/u01/home/oracle/product/9.2.0");
$conn = OCILogon("USER1","USER1PASS");
$query = OCIParse($conn,"select * from state");
OCIExecute($query);
?>
Thank you
Helen Sallee
VIS Database Administrator
