[never made it to list, no idea why - been 26 hours - resending.] [ may have been since it had reply-to field before to - funny...]
Gael Lams wrote:
Hi all
I use the classic following rows to connect to a mysql database. I always put $passsword in clear in the php connection file and I wonder whether there is a way to have it in md5 so that someone reading the file could not use it to connect to the db. I googled a bit but find only threads explaining how to have password saved in md5 inside a mysql table which is not I would like to do
[snip]
No. Think about it - if your script is able to connect using this MD5 hash of the password - anyone who could read that script could similarly just connect using the MD5. Store your password in an included file outside of the webroot.
Cheers, -- - Martin Norland, Sys Admin / Database / Web Developer, International Outreach x3257 The opinion(s) contained within this email do not necessarily represent those of St. Jude Children's Research Hospital.
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
