0

Based on the answer at How to secure database passwords in PHP?, php file with sensitive content should be move out of the source code. Where in the server should I put them?

I have a php file that I put outside the wwwfolder in wamp and accessing them using an absolute path C:\wamp\apps\phpmyadmin4.0.4\libraries\config\sql.php. In my php file, when I try to use mySQL, I will include the file using:

<?php 
  include 'C:\wamp\apps\phpmyadmin4.0.4\libraries\config\sql.php'; 
?>

Is that secure? or is there another way to do it?

Community
  • 1
  • 1
PaulPolon
  • 319
  • 1
  • 5
  • 17
  • 1
    i think as long as this is out of your public_html folder on the live server, you should be good. – Rotimi Apr 21 '17 at 07:52
  • Most of php frameworks uses project/public/ for remote acces files such as index.php, css, js, img, ... and project/private/ for the application config, controllers, models, views, ... You don't have to get those files out of www/ directory. – zenko Apr 21 '17 at 07:55

0 Answers0