PHP Security

Even better, create a file that only root can read, /path/to/secret-stuff.


SetEnv DB_HOST "example.org"
SetEnv DB_USER "myuser"
SetEnv DB_PASS "mypass"

Include this in httpd.conf.


Include "/path/to/secret-stuff"

db.inc is better now.


<?php

$db = mysql_connect($_SERVER['DB_HOST'], $_SERVER['DB_USER'], $_SERVER['DB_PASS']);

?>