Posted by cewyattjr on 07/18/06 19:46

J.O. Aho wrote:
> The best IMHO is to have a include file that is outside the directory that the
> web-server has access to, we assume you are having an *nix based system and
> you are working on your personal homepage
>
>
> //Aho

OK, so now I'm thinking about asking the question another way -- if the
connection info *were* actually within the webserver file system, how
would someone be able to view this text? Presumably someone would have
to compromise the FTP access for example to see raw PHP files, yes?
I'm assuming then there is no way to parse this info via a web browser
for example.

thanks,

Chuck

• Next in forum: excel export - few options
• Prev in forum: Re: Challenge: MySql result to drop down box
• Thread view: Re: Best practice regarding MySQL username/pw in script file??

[Reply to this message]