Where to put the database sensitive information [duplicate]

I don't know if this is what you are looking for:
You can put your sensitive data in your db.php, but outside the web root directory (public_html or www).

For example, you could have a directory called config which is a sibling of your web root directory, and store your db.php file there.

You can include your db.php file like this:

require_once('../config/db.php');

I hope this helps.

I would personally create a file called db.php and place this above the public_html folder on your server

for example

<?php    error_reporting(0);    $link = FALSE;    $link = mysql_connect('hostname', 'username', 'password');    if ( ! $link)    {        die("Couldn't connect to mysql server!");    } else {        mysql_select_db('databasename');    }?>

This turns off error reporting at the same time as connecting to your database, from your index.php you would include the file like so:

<?php require('../db.php'); ?>

Its fine to put it in a db.php file, just use require_once() just after the opening <?php tag of each document.

If basedir restriction is not in effect, move db.php file outside of your web/ftp root that way its definitely not accessible via http/ftp. Make sure permissions are set properly on this file though.

Since you aren't using OOP or an MVC structure for your code this is the best route to go.