I belive you can have the file atleast one directory below your root web folder (so web surfers have no access, just your script). Also since the HTML->PHP is unsecure over HTTP, look into HTTPS , I believe this is related to SSL (Secure Socket Layer). Without SSL, you will be POSTing your user/pass enter from the HTML form in plain text, which is always a target for packet sniffers.
Hopefully that will shed some light, BUT I myself am not familiar with SSL so please check with a more experienced/knowledged person. "Roman Duriancik" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > If I want to secure the access to the database by asking for passwd, what > should I do ? I suppose I need a secure connection to transfer the username > and passwd between HTML form and the script - how do I make that ? > How do I secure the database file with passwords and user names so that > it cannot be accessed by anyone, just by allowed users ? > > thank you > roman > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
