php store database access credentials outside of public

Question

I have looked around on this problem, but have not found a solution. What I have found is to either use an ini file (which most replies follow to say anyone can easily grab and read these files), and to store them in another database (obviously, would not be any more safer than now, because other database credentials would be exposed - leaving access to original database). Pretty much all I found was either unanswered or answered with the above two, supposedly unsafe, options.

How can I keep my database access credentials safely outside of public eye? I currently have them directly placed in the PHP using variables. I am using GoDaddy as my host, and PHPMyAdmin for database usage.

Answer 1

Best answer so far, having an 'ini' file outside of public access (same folder as httpdocs for me) that holds login information. Then in PHP, access the file and parse it using:

"parse_ini_file(FILELOCATION)"

Here it is, in example of my usage:

access.ini (in same folder as httpdocs)

[database] 
dbhost = xx.xx.xxx.xxx:xxxx
username = xxxxxxxxxxx
password = xxxxxxxxxxxxxxxx
dbname = xxxxxxxxxxxxxx

page.php (in folder httpdocs)

$DatabaseAccess = parse_ini_file('../access.ini');
dbhost = $DatabaseAccess['dbhost'];
username = $DatabaseAccess['username'];
password = $DatabaseAccess['password'];
dbname = $DatabaseAccess['dbname'];

It so far continues to work, and feels secure enough. Also makes it far easier than remembering to delete/replace database credentials when getting help on any bit of code.