I suppose include() can be used to include files from remote systems(not on

So, How can I protect my script from unauthorised inclusions ?

A webmaster on the same server can always use a path like
"/home/htdocs/.../config.php" and include my config .php which contains my
database password !!

Even a web master from a remote server can do the same by probably using

I am using windows 2000/apache/php so I really have not tried these...but
the docs say it can be done(remote system inclusion except on win)

Lord Loh.

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to