MySQL security in PHP scripts?

You're probably fine, but just to make sure, you might want to save the connect function in a separate .php file and save that to a directory on your server which isn't publicly accessible (e.g., create a directory in your server's /home/ directory "upstream" of the /public_html/ directory). Then, access it with an include in the scripting on each page needing it.