When I'm creating database driven asp applications, I store my constants,
including my connection string to the database within an asp file called
constants.asp. All constants are stored inside asp coding <% ... %> so
people can't save the data through the web.
I've been told this is an insecure way of storing the connect string becuase
my connect string would also store the username and password to connect to
My question is, what is the current standard for storing an connect string
to a database for asp applications?