Re: [PHP] How do you keep your scripts secure?
if someone knew the name of your include file, and it was under the webserver root (for instance, the same folder) then yes, its like any other file..you can get around this by changing your php.ini include_path variables and putting the files there, outside the webserver directory I'd agree except that I don't leave any code lying around with anything other than a *.php extension so, like you said, that'd be parsed by the server before being sent to the browser, right? I would take this to mean that my code *should* be safe...? gulp I ask because I'm such a jealous S.O.B. I've done such hard work that I'd hate to think that someone could come along and just use it all for free. Plus, there's that nastiness of having passwords in there and all that. Murph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] How do you keep your scripts secure?
If the include file has an extension that is not recognized by the server as being a "PHP" file, the server will simply serve it up as text. So, your file index.php is recognized as being a PHP file, it gets passed to PHP which parses and compiles it and returns it to the server, which passes the output back to the browser. No one can see the source for this file. OTOH, say you have a file named database.password. The server does not recognize this as a PHP file, and so simply dumps the contents to the browser as text. The user sees the raw contents of the file. Yeah, that's what I kind of thought. I keep everything as *.php files so I should be safe. Would you agree that I can stop reading all this stuff about file permissions and everything and begin to relax? My head hurts. Murph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] How do you keep your scripts secure?
Hi. So, I've written all this nifty code and I'd like to do what I can from having it pilfered. What do you do to keep your stuff safe? Murph www.murphatnight.com __ Brian Murphy - 193A Lowell St., Apt. 24 - Methuen, MA 01844 - (978) 725-6654
[PHP] Macromedia UltraDev 4 MySQL connection
Hi. I'm tearing my hair out trying to get UltraDev to talk to MySQL and I know there are some Dreamweaver and MySQL users here. I think I need some help installing a JDBC driver for this product. Any help or sympathy is greatly appreciated. Thanks, Murph
Re: [PHP] I love/hate FrontPage - need another HTML editor.
A much more realistic windows solution in half the time (and about a thousandth of the HD space :) You can add in a Step 11 if needed which is to Slap yourself over the wrist 5 times for wanting to use Frontpage in the first place. Hi, Chris. Really, thanks for the suggestion. I'm with you 100% and approached this product with a TON of trepidation. I knew I was looking at a host service that had to have something called "FrontPage extensions" installed and read the online manual for the server I chose where they said I could easily corrupt these extensions and that there'd be a fee to rebuild them. Yes, I truly love open-source because of the support from folks like you and others and because of the flexibility across a wide variety of platforms. But, let's face it, if you have a new job and the whole corporation is using FrontPage, you can't change their thinking until you've mastered their own art and then shown them some tricks that simply can't be done with what they're using. This is where I am now. I taught myself PHP and MySQL so well that I was able to impress people working in an entirely different field than where I am now. Heck, I'm just a customer service rep, for crying out loud! I'm now poised to make the big bucks like you all! Now, to be smart about this, I have to infiltrate. I have to weasel. I have to beg for some cool software. But before I can gain credibility, I have to use what they're using now and that's FrontPage, believe it or not. So, bottom line? Thanks for bearing with me and thanks to those who help me meld the open-source PHP with products that aren't quite designed to handle it because of their vested interests. THIS is where the value is for groups like this and folks like you and I thank you so very much. Yours, Murph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]