Cody..... > Now to connect to the DB via PHP, I have the password hard coded (which is in clear text). > > Here is my question: Is there a way around storing the password in clear text? But no user can ever read that clear text, right? They should only get the PHP script output which normally wouldn't contain the user name and password..... There can be a danger of other users on the machine being able see the clear text password if it's a shared machine and if they are able to read the script, though! Of course that didn't answer your question...... maybe somebody else knows a way around storing it in clear text. BTW, for the best security you should be sure and run PHP with register_globals off in the php.ini config file, read about it at http://us4.php.net/register_globals Sorry if I'm telling you a bunch of stuff you already know anyway....... brew
