Re: [PHP-DB] Include

Tom Carter Sun, 19 Aug 2001 01:00:46 -0700
   Yes that is correct. On a security point of view therer is something
extra you can do.. when using require you can require files that are outside
the web tree...by this I mean are not accessible thru the internet. So if
you site was in /home/web then you could setup a directory, say
/home/web_vars and in this put these kind of files.

In the require statement you just then simple put in the full path, eg
require("/home/web_vars/vars.php");

The advantage of doing this is security When the file with such sensitive
information is included in the web tree then there are (admittedly limited)
possible scenarios in which this could be compramised. It is generally
accepted that it is sensible to avoid putting such information in the web
tree.

Hope I've been clear, let me know if you need any more advice.

> so in var.php i will put something like this
>
> $db="mydatabse";
> $username="myusername";
> $password="mypassword";
>
>
> and so on?
>
>
> --
> Cross Walk Central
> www.crosswalkcentral.net
> Support Center
> Your Web Hosting Community!
>
> "Seb Frost" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > chuck all the common variables in var.php
> >
> > then just put
> >
> > <?php
> > require("var.php");
> > ?>
> >
> > - seb
> >
> > -----Original Message-----
> > From: CrossWalkCentral [mailto:[EMAIL PROTECTED]]
> > Sent: 19 August 2001 03:18
> > To: [EMAIL PROTECTED]
> > Subject: [PHP-DB] Include
> >
> >
> > OK here is one for you folks that know what you are doing.
> >
> > I am making a script and I have about 5 php files in it. That have alot
of
> > the same system variables can I create one file with these settings in
it
> > and if so any one want to give me some hints on this
> >
> > thanks again.
> >
> > --
> > Cross Walk Central
> > www.crosswalkcentral.net
> > Support Center
> > Your Web Hosting Community!
> >
> >
> >
> >
> > --
> > PHP Database Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> > To contact the list administrators, e-mail: [EMAIL PROTECTED]
> >
>
>
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>


-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] Include

Reply via email to
