Welcome to WebmasterWorld!

you should have your conn script away from root or related directories
for example: /var/www/

Hi henry, Thanks for your reply & to say welcome coz its my first post on webmaster...
Actually my prob is i need to deliver a website which will connect with other server database to fetch few details so i dont want to give that database details for other data security...anyway to connect with database server without saving any conn file or code on website server..

If I understand
A) you do not need to save it
B) thus you do not need a permanent conn

may be you could pass the conn values as var
and when the job is done overwrite with "empty" or delete those vars

And encrypting those values?

What you could do is have a file on server 1 called config.php, which stores database names etc in variables eg

$db1host
$db1user
$db1password

Then on the server where you dont want to put these files make a connection to this file and read the variables out. (you would have to set in your privilages for that user to be able to connect from any host.

Alternatively (assuming you are using mysql) you could set privilages for a specific user and only give them certain privilages on a specific database, or a specific table. So if you are worried about security just use the user who only has SELECT privilages on that specific table, so even if they have the username / password it is no real use to them.

Ally

You might try Zend Guard to encrypt your connection file, that way it is at least obfuscated.

Another option is to have a script on the one server that queries the database and outputs the data for the other server to get. It really depends on what you are doing to know if this solution will work, but it is a valid one.

If I were you, I would set up a user with privileges only to select on those tables, as was already mentioned. Sending the authentication information is not a good idea whether it is "encrypted" or not.