October 6th, 1999, 11:05 PM
How best do I keep my MySQL database connection password in my PHP script secure from prying eyes?
I have PHP3 scripts running on an Apache web server and connecting to a MySQL database. To connect to a database, my script can specify connection parameters of hostname, username, and password (I say 'can' because defaults are used if these parameters are left blank).
I want access to each database to be protected by a username and password, but I don't want to explicitly hard-code the password in my PHP script. What options do I have of keeping the password hidden from prying eyes but available to my PHP script?
Thanks very much.