# Hide MySQL Database Connection Info in PHP



## takua108 (Jan 4, 2006)

I'm writing an online user stats tracking system that can be used by any developer on any programming language here: http://topdown.sourceforge.net/stats . I'm a n00b to PHP and MySQL, but I catch on pretty quickly :grin:, and I've written this entire system myself, sans the 3D line graph.

What I need to know is how can I hide the database connection info (database,username,password) in a file and hide it somewhere where nobody can get to it, but my pages can?

I'll elaborate if I need be more specific.


----------



## jackall (Jan 26, 2006)

*Hide your database connection*

Easy when you know how!
Just put the connection data in a text file (e.g, connect.txt) and ftp it to the folder above the root folder where there's no public access. You can call it from your php file using <? require "../connect.txt" ?>




takua108 said:


> What I need to know is how can I hide the database connection info (database,username,password) in a file and hide it somewhere where nobody can get to it, but my pages can?
> 
> I'll elaborate if I need be more specific.


----------



## takua108 (Jan 4, 2006)

I tried something like this: I used defines in a file hidden sort of how you described it...I think. Is this right?
Here's the directory structure:

[]root
||=[] htdocs
|| ||= (all of the PHP files here)
||=[] private
||= include.php

With include.php being the file that has all of the defines, and the htdocs being the publically-served folder.


----------



## MoralTerror (Nov 19, 2005)

you should never store passwords in a plain text file :4-thatsba 

Instead of connect.txt save as connect.inc.php


----------

