I am new to php/sql, please forgive what must be a very basic question.
I created a simple php form and have it send the data to a 2nd php page which then inputs the form data into a sql DB.
I have it working 100%, but a question comes up now that I have done so.
In my forms target php file it uses the baic connection method
mysql_connect('host', 'user', 'pass');
all fine and good, BUT a person can simply view the source code of this second file and see the database user/pass.. is this not a security risk?