I've created a file named 'connection'(used to connect to mysql server)...
This file connect to mysql server with user=root en password inserted....
The problem is user name (in this case root) and password appeared in file... so that anyone who get the file may know what the password and user name is...
Are there any solution to more secure connection??
1. Put the file outside of your web root
2. Deny access to the file using .htaccess
3. Give the file a .php extension so people will only get the _result_ of the file (which if it just contains variables, the result will be empty).
-- ---John Holmes...
Amazon Wishlist: www.amazon.com/o/registry/3BEXC84AB3A5E/
php|architect: The Magazine for PHP Professionals – www.phparch.com
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
