It's also possible (if you're allowed to change the httpd.conf file) to put
in a <filesmatch> directive, something like
<FilesMatch "\.(htaccess|inc|log)$">
Order deny,allow
Deny from all
</FilesMatch>
Then no-one can directly access files with those extensions. You can still
include them (that doesn't require a separate fetch). That would eliminate
the need to go changing a bunch of files if you don't absolutely have to.
Me, I'll always opt for the easiest way out (chickeeennnnn!)
Regards,
Bill
-----Original Message-----
From: Matt Kaufman [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 30, 2001 6:01 PM
To: [EMAIL PROTECTED]
Subject: Re: [PHP] Find and Replace
Oh, vi has a find and replace feature if you want to do it through the
terminal.
Matt Kaufman
----- Original Message -----
From: "Shrout, Ryan" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, July 30, 2001 12:06 PM
Subject: [PHP] Find and Replace
> This isn't exactly PHP I need help with, but it relates to what I learned
> about security. Up until now, I have been using *.inc extensions for my
> include files. Well, I didn't realize until recently that anyone can view
> these files. So, I want to rename them to *.inc.php. BUT, in almost all
of
> my PHP pages, there are links to : include ('mydir/myfile.inc');
>
> Can someone tell me how to do a recursive find and replace to look for
> /myfile.inc and replace it with myfile.inc.php? I am running Red Hat 7.1
>
> Thanks!
>
> Ryan
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
