|
|
Posted by "Ben Litton" on 11/05/05 00:23
I'm not sure if there's a way around this, though there's a few simple
precautions you can take. You can put a function that returns the resource
in an include file outside of the public html folders, which helps a
little bit. It's also always good to give the least permission possible
and to only allow connections from localhost.
Now I know this isn't exactly what you asked, but someone will probably
come along shortly and offer something more in line.
Ben
On Fri, 04 Nov 2005 15:36:47 -0500, "Bing Du" <du_bing@hotmail.com> wrote:
> Hello,
>
> Some functions need you to provide username and password, for instance
> odbc_connect. Even though the username/password just has minimum access
> privileges to the resource, putting it there in clear text in a script
> gives
> me heartburn. How do people handle username/password in such kind of
> cases?
> I'm sure there must be some way to store critical information in some
> encrypted format but it's still readable to scripts for authentication
> purpose. But don't know how. Any ideas or pointer would be greatly
> appreciated.
>
> Bing
--
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
Navigation:
[Reply to this message]
|