Posted by Chris Shiflett on 02/18/05 07:12
--- ".....hG" <forums@helmutgranda.com> wrote:
> While back I read in an article that placing UN and PASSwords in a PHP
> was not secure.
Well, that's very subjective. In a shared hosting environment, it
certainly does pose a risk. If you place it within document root (don't do
that), it poses a significant risk.
My favorite method of handling this is described at the end of this
article:
http://shiflett.org/articles/security-corner-mar2004
Hope that helps.
Chris
=====
Chris Shiflett - http://shiflett.org/
PHP Security - O'Reilly HTTP Developer's Handbook - Sams
Coming Soon http://httphandbook.org/
[Back to original message]
|