I just wanned to bring the issue of security of MySQL connection:

Let us imagine that SQL server was down for some hours (of 
course without us knowing it) and at the same hours our SQL site 
was visited by some kind of hacker, he can see on his screen all 
our SQL connection info like username,  password, and database 
name. You may hide this information in different file than the file 
that your users open then the hacker will see something like 
"include("connect.inc");" or "require("connect.inc");" (of course IF 
server is down). So you may only imagine the consequences of 
this visit of the hacker. What can we do to protect our sensitive 
information if SQL server is down?


PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to