What I do, because I am using a test platform is to put the line with
pconnect() in a small text file, place this file somewhere on the disk,
outside of the web site root
and refer to that file with include() in my code.
This way, even if the PHP source code were compromised, the user name
I've figured out a fairly secure program structure. Here's one option
(I'm sure there's as many ways to accomplish similar security as there
are people on this list):
First, a little info about the environment. It's a Linux OS running
Apache Web Server. Multi-user environment providing
The actual content of the .php files won't be seen from the net since it is
server side scripting language.. But if you are still concerned you can put
database connection info into another file (preferably .php file) and place
it somewhere outside your web directory and access it thru require()