Question : Where is the db connection info located?

I'm a .NET programmer by trade but have been given a PHP website to work with. It's a copy of an SMF 1.2 forum. I've successfully copied all the files to my local development environment and imported the database. The only issue now is that the website needs to point to the local database rather than wherever it's pointing now. In .NET I can modify this in the web.config file. I don't know how to do it in PHP using SMF 1.2. Can anyone help?

Answer : Where is the db connection info located?

I presume this is behind a corporate firewall, and users have to VPN into it to hit this payroll system page.

That's foremost.  It shouldn't be published directly to the 'net -- anyone can and will find it, and bruteforce passwords, hack away, etc.

So that way, you're limiting to your home users.  Still not ideal for the points you bring up, primarily: they may not have up to date/patched/secured PCs themselves.

Which means, for instance, they could be compromised, and with keystroke loggers on their PCs, which gives anyone full access to your site, including VPN info -- if your VPN is limited to username/password for security.

You should consider additional security measures, like, ensuring all machines that connect are 'sandboxed' until they're patched and up to date/virus scanned, etc -- then allow access to internal network.  Not foolproof, but a good start.

foolproof is not allowing it to begin with :-)
Random Solutions  
 
programming4us programming4us