In the ini-files for my php-projects, I store various settings. Two of them is username and password for my mysql-connections.
Is it safe to load these two into session variables when a user logs in to my application? Or is it better to access the ini-file each time a mysql-connection is needed?
What I don't understand, and hence the questions, is wether session variables are accessible by my website's visitors, or just to the php-scripts on the server.
-- anders thoresson
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
