What is the best practice for storing sensitive configuration values like database passwords in PHP applications?
-
A
Hard-code them directly in PHP source files
-
B
Store them in .htaccess files inside the web root
-
C
Use environment variables or config files stored outside the web root
-
D
Encode them with base64_encode() before embedding in source files