My connection.php
file stores the credentials to connect to the database:
<?php
$objConnect = mysql_connect("localhost","username","password");
mysql_select_db("selectDB", $objConnect);
?>
When a page need to connect the database I just use <?php include("connection.php"); ?>
.
Is this safe? Can hackers steal my credentials from that file?