PHP, Code &amp; Security

baffled_in_UK · 2002-10-30T17:54:02+00:00

Hi, I have some security related questions... I know that PHP is transparent when doing a "view source", but are there ways that malicious users can view m...

PHP, Code & Security

baffled_in_UK

Hi,

I have some security related questions...

I know that PHP is transparent when doing a "view source", but are there ways that malicious users can view my php code
How easy is it to hack a MySQL Db
Will .htaccess protect my "login.php" (connect to Db)

Many thanks

siwis

Place a file containing all your global sensitive stuff like db connect details outside (below) the web root. IE if your domain points to the folder /web or /www make another folder at that level and include() it into your actual scripts.

That way, the file is unreadable by anything except direct access on the server.