If i have a php script which connects to a db then i have my user name and password in it. How do i stop some one remotly opening the file and echoing each line ? Thanks Al
No problem, he/she can open (remontly) your file just via http:// ( I suppose). In this case he/she will see the PHP output, not the source.
PM
There is a chapter in the php manual about security. The best solution is to put sensitive include files in a directory that cannot be accessed from HTTP through the web server.
if passwords and sensitive variables are stored in files, give them a php extension.
