Steal usernames and password by forums and websites with config.php file
This search brings up sites with "config.php" files. To skip the technical discussion, this configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database.
To see view the PHP files; there in lies the catch. Browsers are made to process the commands of PHP before display, so if no commands, nothing to show. You can't use that persay to get into the config file, but it would show potential threats if someone got into server anyway. (If that happens you're basically boned anyway, not much around that.