I am currently working on some authentification and cryptography stuff. I thought about implementing my APP_SECRET (aka Salt) globally with define.
The problem is I do not want to put the APP_SECRET in my index.php due to security reasons. Which is the next but earliest executed file I should insert my APP_SECRET in?
It is a better idea to set it in your config file. That is what it is meant for. See Zend_Config.