Posted by Jerry Stuckle on 06/03/07 21:03

sundby wrote:
> On May 27, 11:15 am, "_mario.lat" <n...@libero.it> wrote:
>> hallo,
>> I use PHP and I'd like to not write in hardcoded way password
>> and login to access to mysql.
>> how to not write password in code for access to mysql?
>> How can I do?
>> I'd like that who see my code don't see my paswords.
>> there is a solution?
>> Thank you in advance.
>> Mario.
>
>
> What is this groups overall view on setting up .htaccess with
> something like:
> php_value auto_prepend_file /path/to/password/file.php
>
> Is this a "Good Thing" or a "Bad Thing"? I have not deared to use it
> yet, though if it never "screws up" I'm inclined to think it is more
> secure since the path is hidden even when they can see your scripts.
>

First of all, what good is it going to do you you? If someone can see
your source code, they can see your .htaccess.

Second, why auto-include the file where it's not needed (i.e. pages
where you don't require database access)?

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

[Back to original message]