I’m working on a project that needs to have users log into a MySQL database. I’m working through making an authentication system(auth/user table with their names, email, hashed password etc, php session), its more work than I realized but am making my way through it. I’m a little confused on the initial connection to the database though. I’ve read to keep it outside of the document root for the site, which I can do, but not sure how to reference it. Here is what I was thinking:

Document root for site:

/var/www/public/example.com/public/ {index.html,css,img,etc}

Could I safely place the db_connect info here:

/var/www/public/example.com/private/ securephpfunctions.php

I’d then have one line in all my php files:

<?php
// include in all files that need to do stuff
require_once('examplecom_fns.php'); 
?>

Inside examplecom_fns.php is:

<?php
// include in all files
require_once('/var/www/public/example.com/private/securephpfunctions.php');
require_once('forms_fns.php');
require_once('outputs_fns.php');
?>

After this, I assume I can call my DB connect function to insert new users info into the DB, use for not signed in users searching public entires, etc. Is that correct/OK? Is there a better or more secure way to do what I’m trying? Am I way off base?