Much of the password discussion I've seen revolves around encrypting the 
user-supplied password, but what about the user/password used to make the 
initial connection?  In other words, I'm assuming that the .php file has the 
initial user and password right in the text in order to make the connection. 
Is there a way around this, because it seems very insecure to me that these 
parameters would be in the .php source.  Or is the .php source supposedly 
not readable?

thanks, Chuck 

PHP Database Mailing List (
To unsubscribe, visit:

Reply via email to