In PHP... does odbc_connect() send the login and password in clear text? what is to stop somone from seeing these when a connection to a remote MS SQL server is performed??
[man]odbc_exec[/man] does not send any login data, that is done via [man]odbc_connect[/man].
it is not necessarily PHP's job to encrypt data sent between your webserver and your database server.
I agree it is not PHPs job... but if MSSQL does not support SSH tunneling then I cannot think of another way to safely send the login credentials.. any ideas?
