On Thu, Sep 19, 2002 at 01:56:03PM -0400, [EMAIL PROTECTED] wrote: > This is a security standard that is already inherent in the current phps > version. It is also not the job of PHP to save people from themselves.
And sensitive cleartext data like SQL passwords can always be passed through environment variables. For instance, Apache has the 'Setenv' directive to set this, and the httpd.conf file can be made only readable by root. That way, publishing the source code doesn't reveal anything. -- __ /*- Frank DENIS (Jedi/Sector One) <[EMAIL PROTECTED]> -*\ __ \ '/ <a href="http://www.PureFTPd.Org/";> Secure FTP Server </a> \' / \/ <a href="http://www.Jedi.Claranet.Fr/";> Misc. free software </a> \/
msg42034/pgp00000.pgp
Description: PGP signature
