In setting up NLM, the settings file requires the site's admin login ID and password to be placed in the file in ASCII text. That to me seems like a security risk. In the event that someone gained entry to the site and was snooping around they might discovered this file. Then they'd have complete access to change anything. What am I missing?
Also, I assume the mySQL ID and password can be different than the admin ID and password in the settings file. When does this mySQL ID get used? Is that the one I need to put into my php templates or is it the admin ID?
Also, I assume the mySQL ID and password can be different than the admin ID and password in the settings file. When does this mySQL ID get used? Is that the one I need to put into my php templates or is it the admin ID?