> > > 1. always use ".php" (or > > > ".php3" for earlier versions) file name extensions for > > > include files, otherwise, crackers can view your > > > code. > > It should be writen in other way. We should warn about that > danger and inform about few methods of solving that problem. Way > other than shown above is to set .inc (or any other) extension to > be parsed by webserver.
OK, this letter can give us something to talk about give ideas together and expand that security chapter... Goba
