Hi,
I know that properly configured servers do not deliever raw php to web users, and I also an aware that a properly configured server and permissions, can prevent casual users reading them, however, I am paranoid.
I typically use include statements to files containing obscure 'defined' password strings, however, these are stored as plain text.
I there anyway I can tighten this further without imposing impracticable security measures. [crypt/hash?]
Phil
