PHP Connection File

Tim_L

To connect my database I've got a standard .php file with the connection details including password etc...

If someone finds out the location of the php file (not difficult), is it possible for them to view the details at all? I'm sure I read somewhere that it is possible to download php files but I could be wrong?

Is this method the safest method?

Thanks...

LordShryku

Storing the config file outside of your document root is the safest method. That way, if they do find out the location, they still need access to the box to see it.