Hi Richard,
Richard Lynch wrote:
First, you're scaring the [bleep] out of me from a security standpoint
writing mysql passwords into files...
I'm curious.
What would you do ?
No kidding intended. I'm serious.
Warm Regards,
Deckard
--
PHP General Mailing List (http://www.php.net/)
To
It's not the writing them into files part...
It's the I'm not sure you know what you are doing and maybe you're
writing them into files inside the webtree or introducing other gross
insecurities part...
Hope that helps...
On Tue, October 3, 2006 2:39 pm, Deckard wrote:
Hi Richard,
Richard
I tend to store passwords in mysql as hashed values (usually md5), and if I
am using scripts to connect to the database name that file (for example)
connect.inc and add an .htaccess file to stop user download of any files
called *.inc. Or store those files outside the web root in the include
3 matches
Mail list logo