How to secure database passwords in PHP?

Question

When a PHP application makes a database connection it of course generally needs to pass a login and password. If I\'m using a single, minimum-permission login for my applica

Answer 1

Just putting it into a config file somewhere is the way it's usually done. Just make sure you:

1. disallow database access from any servers outside your network,
2. take care not to accidentally show the password to users (in an error message, or through PHP files accidentally being served as HTML, etcetera.)