For a start, please don't cross-post.
Secondly, people don't see these files because the PHP engine parses them.
However, you could remove each of the parameters to an include file outside
the web tree and have PHP read it.
Set the include_path in php.ini
Thus in a file named parameters.inc you can have these lines:
$hostname = "12.34.56.78";
$user = "username";
$password = "password";
$dbname = "database";
and change your connection string as follows:
include 'params.inc';
//maybe some other stuff her
$conn = mysql_connect( '$hostname', '$user', '$password');
mysql_select_db('$dbname',$conn) or die( mysql_errno()." :
".mysql_error());
There has been a lot of discussion on this topic, even within the past ten
days, so a search of the archives will give you the full discussion.
Regards - Miles Thompson
At 01:37 AM 1/28/2002 +0100, Duky Yuen wrote:
>How can I secure my username and password? In 1 of my files, it contains
>the following:
>
> $conn = mysql_connect( "12.34.56.78", "username", "password");
> mysql_select_db("database",$conn);
>
>What should I do, so people can't get this information?
>
>Duky
>
>
>--
>PHP Database Mailing List (http://www.php.net/)
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
