But, in general terms, what if someone gets your db login and password. Say by a (temporarily) mis configured web server showing the php code in plain text? Would a potential hacker use telnet or something?
I know it's not allowed to show code to exploit on this forum, but a general explanation would be fine.
(and the reason I ask is because I stumbled upon some source code of a website with it's db credentials in plain text. I think due to misconfigured server or error in the code. I will contact the owner to warn him. I could probably try and figure something out myself, but obviously I don't want to do that for legal reasons