Move it outside the document root or put a .htaccess file inside the dir to deny access. This will still allow system access but will prevent other fopen.
M: > In a PHP application using MySQL i have to connect the database using > > $iDBhandle = mysql_connect( $sDBhost, $sDBuser, $sDBpsw ); > > Problem is, that I cannot see any solution to protect the value > of $sDBpsw. > Of course I wont set the value of $sDBpsw in the same PHP script. I do > that including a file pa/pa.php (protected area) but this file also has to > have read access to all users and could be read with fopen( "URL", "r" ). > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]