> I would like to get some opinions here on a method I'm doing to grab connect > information for a mysql connection. > > Currently I am doing: $pinfo = fopen ("/director1/directory2/filename.ini", > "r"); > > I'm looking for a more secure method of doing this. Is XML a solution? Is > there something else? Are you doing something similar?
So long as filename.ini is outside of your web root, you are fine. You could also just have a plain PHP file outside of your web root and use the include() function to get the variables... include.php: <? $host = "localhost"; $user = "john"; $password = "mypass"; ?> index.php (or any other script) <? include("/path/to/include.php"); mysql_connect($host,$user,$mypass); ?> etc.... You can instead put the connection function within the include.php file, too. ---John Holmes... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php