Hello,
I just noticed something very concerning and hope someone has some
answers...
I'm running php 4.2.3 under W2k IIS as a .dll.
I have a directory set up with no anonymous access to it and security set to
"Integrated Windows Authentication".
If I try to load the page directly from the browser
"/my_site/my_secure_directory/password_protected_file.php" I get the
password dialog from Windows asking me to log in.
On the other hand:
If I require the file from a non-protected file; say "/index.php" has the
line:
"require('/my_site/my_secure_directory/password_protected_file.php');" in
it, I'm not asked for a password and the page is included in the output.
Is there something I'm missing here, or is this a bug?
Thanks in advance.
j-
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
