> rasmus, if password.inc is being parsed by php then how would you get the
> code??? won't it just be a blank page??? oh i thought up one more ...
Include files are written to be included. They are tested and debugged in
the scope of the file that is including it. Parsing such an include file
outside of that scope can lead to security issues.
> 4. checking for html tags and php scripting when accepting data from text
> boxes
HTML tags sure, but PHP tags? Unless you are doing an eval() on the text,
the PHP tags will never get parsed by PHP.
-Rasmus
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
