For a start, please don't cross-post.

Secondly, people don't see these files because the PHP engine parses them. 
However, you could remove each of the parameters to an include file outside 
the web tree and have PHP read it.

Set the include_path in php.ini

Thus in a file named you can have these lines:

$hostname = "";
$user = "username";
$password = "password";
$dbname = "database";

and change your connection string as follows:
      include '';
     //maybe some other stuff her
     $conn = mysql_connect( '$hostname', '$user', '$password');
     mysql_select_db('$dbname',$conn) or die( mysql_errno()." : 

There has been a lot of discussion on this topic, even within the past ten 
days, so a search of the archives will give you the full discussion.

Regards - Miles Thompson

At 01:37 AM 1/28/2002 +0100, Duky Yuen wrote:
>How can I secure my username and password? In 1 of my files, it contains
>the following:
>     $conn = mysql_connect( "", "username", "password");
>     mysql_select_db("database",$conn);
>What should I do, so people can't get this information?
>PHP Database Mailing List (
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]

PHP General Mailing List (
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to