a better approach than storing mysql password in plain text in config file?

Question

It\'s always bothered me that many PHP programs require the user to store the mysql password in plain text (in a string or constant) in a configuration file in the applicati

Answer 1

You can set enviroment variables in .htaccess file, for example:

SetEnv DBuser sesame
SetEnv DBpass street

And later in your code read, use and delete the entries.