this is a snippet of pdo database example using mysql I got from a book
attached as snippet to this message
and this is a paragraph of the same book:
In the database connection examples we just saw, I included my access credentials
within the DSN, or in the $user and $pass variables, but I did so for illustration
purposes only. This is not standardÃƒÂ¢Ã‚Â€Ã‚Â”or appropriateÃƒÂ¢Ã‚Â€Ã‚Â”pra
ctice, since this informÃƒÂ‚Ã‚Â
ation can by misused by malicious parties to access your database.
now my question is how can I make that example secured as much as I can?
what is the most secure way to pass my credintials to the dsn?
can you please send me an example to illustrate the details or point me to a link that do that ?
thanks in advance
$dsn = 'mysql:host=localhost;dbname=world;';
$user = 'user';
$password = 'secret';
$dbh = new PDO($dsn, $user, $password);
catch (PDOException $e)
echo 'Connection failed: ' . $e->getMessage();