well, besides the fact that your code is interpreted
and the only data that makes it to the browser is
what you decide to output (or error message, but they
can be turned off/silenced)
i dont see how a surfer could get your PHP source code
via the webserver.
> -----Original Message-----
> From: Jerry Lake [mailto:[EMAIL PROTECTED]]
> Sent: Friday, March 30, 2001 6:42 PM
> To: [EMAIL PROTECTED]
> Subject: RE: [PHP] sanity check please
>
>
> you can put you database connection
> in a file below the web root
> and include it into the script.
> that way it isn't visible in the source.
>
> Jerry Lake - [EMAIL PROTECTED]
> Web Designer
> Europa Communications - http://www.europa.com
> Pacifier Online - http://www.pacifier.com
>
>
> -----Original Message-----
> From: Les Neste [mailto:[EMAIL PROTECTED]]
> Sent: Friday, March 30, 2001 3:01 PM
> To: [EMAIL PROTECTED]
> Subject: [PHP] sanity check please
>
>
> Hi,
>
> I have a question about security with PHP. I'm building a site with PHP
> and some of the scripts connect to MySQL. All someone needs to do to get
> my MySQL passwords is view the PHP source, right? And the recommended
> approach around this is to use Zend, right?
>
> Please correct me if I'm off base here. TIA!
>
>
>
>
>
> ............................................................................
> Les Neste 678-778-0382 http://www.lesneste.com
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
