On Tue, June 12, 2007 7:01 am, Ross wrote: > I have a page of functions that I include in my page head. In this I > have a > function to connect. I can then just call this on each page when i > need it. > Does doing it this way cause any potential security risks? Of course there is risk. Everything involves risk. That it is a NECESSARY risk does not make it not a risk. The risk is that you now have your password written down somewhere. The questions to ask yourself are: Who can now read this password that shouldn't What can they do with that password that they shouldn't You can REDUCE the risk by making it difficult for people to read the file. In particularl, it should not be in the web tree with all your .htm and .php files, but in a separate directory, outside the web tree, so that nobody could possibly surf directly to it and read it as text. Start reading here: http://phpsec.org/ -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
