I belive you can have the file atleast one directory below your root web
folder (so web surfers have no access, just your script). Also since the
HTML->PHP is unsecure over HTTP, look into HTTPS , I believe this is related
to SSL (Secure Socket Layer). Without SSL, you will be POSTing your
user/pass enter from the HTML form in plain text, which is always a target
for packet sniffers.

Hopefully that will shed some light, BUT I myself am not familiar with SSL
so please check with a more experienced/knowledged person.

"Roman Duriancik" <[EMAIL PROTECTED]> wrote in message
> If I want to secure the access to the database by asking for passwd, what
> should I do ? I suppose I need a secure connection to transfer the
> and passwd between HTML form and the script - how do I make that ?
> How do I secure the database file with passwords and user names so that
> it cannot be accessed by anyone, just by allowed users ?
> thank you
> roman

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to