Creating classes won't help at all in protecting the username/password as it still has to be placed in the PHP somewhere.
If you are worried about your settings being access from the web if PHP fails then just put config.php outside the web root.
Or try putting your database info in .htaccess e.g.
Then in the PHP access it with $_ENV['mydbuser'] and so on.
SetEnv mydbuser theuser
SetEnv mydbpass thepass
If you are worried about others on the server accessing your information then the above won't help, you'll need to do one of the following.
If your host runs PHP via suPHP or the like then as already said setting permissions to 600 works, but if using use mod_php you'll probably be blocking access as PHP normally runs as nobody or the apache user.
Or you can pass all the PHP through ionCube which gives you encrypted PHP files. Good luck trying to decipher that if you encode with everything on. Just make sure you keep an unencoded copy for future work. Note: You have to encode more than just the config file for this to work.