This may seem like a really simple question but I am unsure what steps I need to take to porperly secure my php code on the website I am currently building. I am using php and mysql to build a database driven website. Now certain bits of code need to be inaccessable by anyone using the site, such as the username and password used to connect to the database.
I was trying to see what should be used to do this (had ideas about using the 'require' function to call on files from a path not available from the internet) and noticed that php doesn't show at all in the IE 8 view source.
Is php hidden in some way?
I am wondering if I am missing something really important and would be glad of any info or advice anyone is able to offer as I don't want to leave something out in the open which shouldn't be and have problems