Let's say we have two users on one server, user1 and user2.
user1 is running a database connectivity script in his home directory. user2 finds out the path of user1's database connectivity script and runs the following code:
<?
$string = implode("", file('/home/user1/script/connect.inc'));
print "$string";
?>
user2 is able to read all of user1's database connectivity information from his browser. How should user1 protect his connectivity script (connect.inc) from being read by user2?
