DeanWhitehouse Posted January 12, 2009 Share Posted January 12, 2009 When reading up on some security measures i read about using environment variables for storing the database connection info (password, username etc.). But it said they are printed in PHP info, so it is a safe measure for storing the db stuff or is their a better way? Quote Link to comment Share on other sites More sharing options...
Mark Baker Posted January 12, 2009 Share Posted January 12, 2009 When reading up on some security measures i read about using environment variables for storing the database connection info (password, username etc.). But it said they are printed in PHP info, so it is a safe measure for storing the db stuff or is their a better way? Not particularly safe. The best method is to define the values as variables, or as attributes of a class, in a config.php file (or equivalent), and to include that file within your script; preferably stored outside of the htdocs directory tree. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.