On 10/11/05, Paul Menard <[EMAIL PROTECTED]> wrote: > > On other note is about security. Note that you are placing a file that > contain sensitive password > information under your website's hosted root directory. This is general > considered a bad idea. If > you have access to the directory above or outside your root then please > consider moving this file > there.
I'm hosting my website at a host.. so I dont have access to any folder outside my root.. What I generally do is keep the db_config.php file in an includes folder > relative to my root. > Something like > > /includes/db_config.php > > The normal include command would work the same. But instead of actually > placing my config > information in this file it actually just contains an include statement > with a hard-coded path to > the real include file outside the root. > > Hope you follow. I can move my config file from root directory to some other directory like 'includes'.. Even in that place that config file should contain the database username and password, as I dont have access to any external directory.. .. Is this still a security problem? How to avoid this? -- KISHORE [Non-text portions of this message have been removed] ------------------------ Yahoo! Groups Sponsor --------------------~--> Fair play? Video games influencing politics. Click and talk back! http://us.click.yahoo.com/T8sf5C/tzNLAA/TtwFAA/HKFolB/TM --------------------------------------------------------------------~-> Community email addresses: Post message: [email protected] Subscribe: [EMAIL PROTECTED] Unsubscribe: [EMAIL PROTECTED] List owner: [EMAIL PROTECTED] Shortcut URL to this page: http://groups.yahoo.com/group/php-list Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/php-list/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
