At 18.03.2002 17:28, you wrote: Even if I think you´ll not be able (should not be able) to put files elswehere than /home/~myname: > >On a shared hosting provider, I have an account like: > >/home/~myname/www/ >and >/home/~myname/resources/ > >As far as I know, apache can only access what's in the www directory and >below.
That depends on how the apache is configured but the place /home/~myname/ could be a good place, as this couldn´t be listed by the apache (means client). Mostly the documentroot for apache begins in home/.../www/. >However, >php can include stuff from the resources directory. This is where it's >recommended to keep the database passwords. > >How did the sysop, (not me), set this up? (how does the world get made ;-) ) if your isp has not set the apache user explicit, it should be wwwrun/nogroup but I hope he/she changed the user >What user/group would apache run as? >Also, what user/group would the php script be in, apache's? Your script´s could be yourname/users (if apache belongs to users) If you want to store passwords for mysql, check out if your ISP supports the usage of .htaccess files in each directory, then you can prevent the listing of the directory. Details can be found www.apache.org search the manual. Or you try to store these data in /home/~myname/. If these files were not found, try an absolute path when you include f.e. include "/home/~myname/passwords.inc": HTH Oliver -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php