> 1. Where should I store my password/username? I know there is a section
> in the manual, but it's not completely applicable for our situation,
> since we share the database with others and we don't have full access.
> 2. If I have the password in my .php3 files is this secure? Is there a
> way to store the .php3 files outside the web root? How can I access
> these files then?
Users can only see the parsed php3 files so I suppose it is secure.
I keep all the connection stuff in a separate file outside the webroot and
include it just to be safe.