One way to handle this is to put your password (along with any other
database details)
into a config file (eg. yoursite.cfg) and include/require this file in
your script. The config file can then be stored outside the web tree,
and referred to with an absolute path.
Mick
On Tue, 30 Jan 2001, Egan wrote:
> I know that ~.my.cnf with
>
> [client]
> password={mypass}
>
> is the recommended method of securing your MySQL password when using a
> shell command line to access MySQL.
>
> But what is the recommended method for MySQL password security via
> PHP? Is there some way to make it use the ~.my.cnf file?
>
> It seems to me that if you hardcode a MySQL password into your PHP
> source code, it could become exposed inadvertently.
>
>
> Egan
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
