DeanWhitehouse Posted January 12, 2009 Share Posted January 12, 2009 When reading up on some security measures i read about using environment variables for storing the database connection info (password, username etc.). But it said they are printed in PHP info, so it is a safe measure for storing the db stuff or is their a better way? Link to comment https://forums.phpfreaks.com/topic/140575-environment-variables-good-or-bad/ Share on other sites More sharing options...
Mark Baker Posted January 12, 2009 Share Posted January 12, 2009 When reading up on some security measures i read about using environment variables for storing the database connection info (password, username etc.). But it said they are printed in PHP info, so it is a safe measure for storing the db stuff or is their a better way? Not particularly safe. The best method is to define the values as variables, or as attributes of a class, in a config.php file (or equivalent), and to include that file within your script; preferably stored outside of the htdocs directory tree. Link to comment https://forums.phpfreaks.com/topic/140575-environment-variables-good-or-bad/#findComment-735660 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.