OR you could tell apache to parse everything that ends with .inc with php.
you can name it .inc .linux .linuxsucks .microsoftsucks
(you'll need to have access to http.conf or .htaccess+right to override ...)
sebastian
> -----Ursprüngliche Nachricht-----
> Von: Rick Hodger [mailto:[EMAIL PROTECTED]]
> Gesendet: Mittwoch, 14. Februar 2001 09:51
> An: [EMAIL PROTECTED]
> Betreff: Re: [PHP] Bad Practices
>
>
>
> "Jeff Oien" <[EMAIL PROTECTED]> wrote in message
> [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> > Would people like to list bad practices and also point us
> > newbies to any articles online dealing with syntax, correct
> > use of single and double quotes etc.?
>
> People who create scripts that include a need for access to a
> SQL database,
> meaning you need to give it a username and password then
> making the damn
> configuration file be called something stupid like config.inc.
>
> When you are scripting, using anything with a .inc extension
> is just asking
> for trouble. If someone requests that file, it'll get passed
> straight to
> them. It's a .inc, which means that PHP does not know to
> parse it. Which
> means, that person can see your usernames and passwords. And
> because it's a
> public package, they're far more likely to know the path to said file.
>
> --
> Rick Hodger
>
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail:
> [EMAIL PROTECTED]
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]