Hi, On Wednesday 30 June 2004 09:58, Bob Hockney wrote: > Hi there, > > I wrote a php script that accesses a database, and I am > wondering about securing the password to the database. I > could prompt the user for the password every session, but > I don't necessarily want the user to have the password.
You mean the password for the database? Why would the user need that? If the users need a password to access the site, then create one for the *site*. Only you and your scripts need to know what the password for the database is... > Unless I'm missing something, any on-disk place I store > the password needs to be readable by PHP, and therefore > isn't very secure. I have restricted the rights of the > database user, but I'm wondering how others have dealt > with this, or maybe I'm completely missing the point. Or, am I missing the point? :) - E - -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php