Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

Databases

Martin Park
Martin Park
12,792 Points
Posted by Martin Park
Martin Park
12,792 Points

Is it safe to include a database username and password within a .php file?

I'm assuming the answer is yes but just wanted to check. Presumably a user viewing source would only see the resulting html and no way to steal your database details?

1 Answer

Steven Parker
Steven Parker
231,127 Points
Steven Parker
Steven Parker
231,127 Points

The important thing is that user does not get a chance to be "viewing source". What the user sees, and more importantly what is sent out to the browser, is a result of running the code and not the code itself.

So as long as the server itself, and the source files on it are properly protected then the answer would be "yes".