Much of the password discussion I've seen revolves around encrypting the
user-supplied password, but what about the user/password used to make the
initial connection? In other words, I'm assuming that the .php file has the
initial user and password right in the text in order to make the connection.
Is there a way around this, because it seems very insecure to me that these
parameters would be in the .php source. Or is the .php source supposedly
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php