A monthly magazine for PHP Professionals. Get your copy
> today. http://www.phparch.com/
>
> > -Original Message-
> > From: Jacob Copsey [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, January 15, 2003 3:53 PM
> > To: [EMAIL PROTECTED]
> > Subject: Re: [PHP] Sec
> I am beginning work on a new web-based application using PHP and
MySQL. I
> have been doing a lot of reading about PHP security and web
application
> security in general to make sure I am up-to-date on what is known in
this
> area.
>
> My style of PHP is to name all included files with a .php ex
Get your copy
today. http://www.phparch.com/
> -Original Message-
> From: Jacob Copsey [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 15, 2003 3:53 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [PHP] Security in included PHP files
>
> I agree these are good solutions and I have c
--- Jacob Copsey <[EMAIL PROTECTED]> wrote:
> I agree these are good solutions and I have considered
> them. However, I am looking for an all-inclusive
> solution that is code only within PHP that allows the
> admin of the application to copy the files to their
> server and not need to do any serve
Have you thought about moving your include files outside of the web
directory?
i.e.If your site is in ../apache/htdocs/web/mywbsite_folder
then move your include files to ../apache/my_include_folder/ or something
similar.
-john
=P e p i e D e s i g n s
www.pepiedesigns.com
Providing Sol
I agree these are good solutions and I have considered them. However, I am
looking for an all-inclusive solution that is code only within PHP that
allows the admin of the application to copy the files to their server and
not need to do any server specific configuration. That is why I don't name
the
--- Jacob Copsey <[EMAIL PROTECTED]> wrote:
> My style of PHP is to name all included files with a .php
> extension and of course this raises the problem of people
> accessing these script files directly.
I always name included files *.inc myself, but that's a
personal preference combined with a s
True. But let's just call me anal retentive. :-) Let's say I didn't have the
option of doing what you suggested. Are my ideas sound? Also, those ideas
apply to top-level PHP scripts in an application.
Jacob
"Kevin Stone" <[EMAIL PROTECTED]> wrote in message
007801c2bcd4$02d000f0$6601a8c0@kevin">n
-
From: "Jacob Copsey" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, January 15, 2003 1:02 PM
Subject: [PHP] Security in included PHP files
> I am beginning work on a new web-based application using PHP and MySQL. I
> have been doing a lot of readin
I am beginning work on a new web-based application using PHP and MySQL. I
have been doing a lot of reading about PHP security and web application
security in general to make sure I am up-to-date on what is known in this
area.
My style of PHP is to name all included files with a .php extension and
10 matches
Mail list logo
