Where to store database login credentials for a PHP application

Question

We have a development server and a live server with different database connection details (username, password, etc).

Currently we\'re storing BOTH the database conne

Answer 1

Is this a safe approach?

It depends on your definition of safe.

every developer can see the database connection details

AFAIK, other than using the default username/password/database in the php.ini file, that problem is pretty much unavoidable (and using the defaults mean they've automatically got access to the database anyway).

I guess you could use different include files encrypted using zend encoder with a function which returns database handles - and set up the scope and permissions for different files, but its tricky to isolate the PHP code the underlying data. Another approach would be to restrict everything to webservices and implement an extended permissions model in the webservice tier.