-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Justin Giboney Sent: Wednesday, July 11, 2007 4:17 PM To: UPHPU General Discussion Subject: Re: [UPHPU] PHP/MySQL Security
He was talking about a .inc file. Which I have never used. Is there a good purpose for using a .inc? I guess it would be easier for the next developer to understand what a certain file is, but I just put all my includes in an include folder. Justin Giboney > > I believe he's being extra careful, in the rare event that PHP > might break and Apache serve up .php files as plain text. I've seen > it happen once. > > Here is another reason: If you haven't configured your Apache (or which ever) webserver to send .inc files through the php engine then they will be dumped as text files - allowing all to see the contents. That is scary, and I've seen it happen -Rusty Confidentiality Warning: This e-mail contains information intended only for the use of the individual or entity named above. If the reader of this e-mail is not the intended recipient or the employee or agent responsible for delivering it to the intended recipient, any dissemination, publication or copying of this e-mail is strictly prohibited. The sender does not accept any responsibility for any loss, disruption or damage to your data or computer system that may occur while using data contained in, or transmitted with, this e-mail. If you have received this e-mail in error, please immediately notify us by return e-mail. Thank you. _______________________________________________ UPHPU mailing list [email protected] http://uphpu.org/mailman/listinfo/uphpu IRC: #uphpu on irc.freenode.net
