Hi all ! I am working on a website which is being developed using PHP-MySQL. I have to access the mysql database using username - password. The problem I'm having that I have kept username password in another file and used it as variables in wherever I need to connect to DB. I have one file with username password: Code: File.php --------- $username="root"; $lhost="localhost"; $secret="bhullarz"; $dbn="sample"; wherever I want to use it, I do the following: Code: require("file.php"); $con=mysql_connect($lhost,$username,$secret) or die("Server not Available"); But I don't think It's a secure practice as anyone can copy your website using website downloaders and can see the password. Is there anyother way to secure the password.
PHP file would never give the output what its there in the variable unless you do some echo or other stuff. I am damn sure the site is more secure than you are thinking of.
Ok. Thanks Shabbir. I tried few website copiers to download the website, which downloaded only HTML pages. It means PHP page won't be downloaded ?