On 25 Jun 2003 at 16:42, Dan Joseph wrote: > Store that file outside the docroot. That way there is no chance > they can > get it from the web site. I myself use an ini file that is no where > near the docroot, and use parse_ini_file() to load the DB > information in, and then I connect to it. This method passed our > security audit with flying colors. > > A sample of what my ini file resembles is: > > [mysql_info] > host = 192.168.1.1 > uid = username > pwd = password > dbn = database > > They end up in a $INI array, and the fields are $INI['host'], > $INI['uid'], > etc.. You can read more about that function @ www.php.net.
I am just beginning to use php and mysql together (I'm new to both). I am having trouble getting this to work in what I think is a very simple test. I have created mysql.ini, and put it outside the docroot: /myhome/mysql.ini. This file, in its entirety, is: [mysql_info} host=spore.org uid=myuserid passwd=mypassword Then I created a webpage with nothing more than the following: <?php parse_ini_file("/home/revref/mysql.ini"); echo $INI; ?> When I point my browser to that page, I am getting the following error message: Warning: Error parsing /home/revref/mysql.ini on line 4 in Unknown on line 0 Help is greatly needed. Doug -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php