Any way to hide MySql connection data from FTP users?
Ultimately, if code running from within an FTP user’s space has to read that data, that FTP user (the one whose user CGI runs under for a domain) must be able to read it.
I suppose you could encrypt it with an encoder (zend, ioncube, etc) though that can present it’s own problems. What, precisely, are you trying to do and why do you not want a user to be able to see the code they (their site) is actually running?
1)You could add the connection data dynamically from your program rather than having the connection data stored on the server. So you would be asked for the Database User password when you ran the program.
The password could then be placed in a variable for the rest of the session. In future sessions your browser might even cache it for you if you want it to.
2)Poke everybodys eyes out with a sharp stick!
Opinions are my own views, not DreamHosts’.
I am NOT a DreamHost employee OK! :@
Act on my advice at your own risk!