That's where this thread started... --- Wendell Brown <[EMAIL PROTECTED]> wrote: > On Mon, 30 Jun 2003 13:50:21 -0600, Peter Janett wrote: > > >My concern is that a shell emulating PHP or > >Perl script run as Apache can read or copy ANY PHP script used > with PHP as > >an Apache module. > > It seems to me like the safest way to handle this would be to > create a > function that opens the database (with the user_id and password > hard > coded) and returns a handle to the open db. Then put this function > into a "include" directory outside the document root (you might > have to > disable fopen_with_path). > > function openDB() { > > $MYSQL_Server = "localhost"; > $MYSQL_DB = "db"; > $MYSQL_User = "user"; > $MYSQL_Password = "password"; > > // Connect to database > $dbID = mysql_connect($MYSQL_Server, $MYSQL_User, > $MYSQL_Password) > or die("Could not connect"); > > mysql_select_db( $MYSQL_DB ) > or die("Could not select database"); > > return( $dbID ); > } > > Then call openDB() from your module.... > > <?PHP > > include "hidden.php"; > > $dbHandle = openDB(); > > // whatever you want to do with the db here > > ?> > > Comments?? > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php >
===== Mark Weinstock [EMAIL PROTECTED] *************************************** You can't demand something as a "right" unless you are willing to fight to death to defend everyone else's right to the same thing. *************************************** __________________________________ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php