Hi .!
First of all . Pardon if my last mail was not undestable !!
Then Richrad said that, the following is a cons of my solution :
" A simple debug statement to dump out all of ENV / $_GLOBALS will expose
the password. So you have to ask yourself if you and all your employees
and all the scripts you ever install, including any forums etc, are for sure
never ever going to dump that password out in an attempt to debug something
else. " ...
This is not triue because a shell vars declered on a shell is only exposed
to its subshells, that means that only exec's and system functions calls
into the php itself resive those vars declared into the php !
You can see this argument in the following code
<?php
error_reporting(E_ALL);
echo "OLD <pre>";
system("env");
echo "</pre>";
putenv("DBNAME=sidf");
putenv("DBUSER=p");
putenv("DBPASSWD=p");
echo "NEW <pre>";
system("env");
echo "</pre>";
?>
and reloading these a couple of times.
