I have an HTML file with a Form on it, where once the user clicks "submit", a PHP file is called which connects to a MySQL database and updates it with data from the Form.
Question is, how do I mask/hide the passwords to the MySQL database in my PHP code file?
I'm reading all sorts of things about working with "config" files and/or moving things into different directories so as to prevent others from accessing them - I get it in theory - but what are the actual steps I'm supposed to take to make this happen? Like where do I start? What's step #1, what's step#2, etc? Everyone seems to offer little snippets of code, but I haven't found any good start-to-finish tutorial on this.
I called GoDaddy - where my account & DB are sitting - to see if their tech-support guys could help - no one was able to tell me what exactly to do, where to start, etc.
Can anyone out there help?
I think the other answers here are missing the point. If I'm not mistaken, you're talking about your mysql user password. The one which you use to establish a connection to the database in the first place. Right?
Well, you don't hide this. It's in a php file which is code. The public can't read your code (assuming your server is secure) so don't worry about that. Yes, your password is stored simply as text in a php file. It's fine.