yes your code should be safe, at least from people trying to look at it
over the web...people on the server, well, that's another story...anyone
who can get into your www directory, and depending on the perms of your
files (if they have world readable) can view them...
i originally made some files 640 and chown'ed them to nobody.nobody.
That way they can be parsed, but no one else can view them. Anyone have
thoughts on this?
jack
Murph wrote:
>
> > if someone knew the name of your include file, and it was under the
> > webserver root (for instance, the same folder) then yes, its like any
> > other file......you can get around this by changing your php.ini
> > include_path variables and putting the files there, outside the
> > webserver directory
>
> I'd agree except that I don't leave any code lying around with anything
> other than a *.php extension so, like you said, that'd be parsed by the
> server before being sent to the browser, right?
>
> I would take this to mean that my code *should* be safe...? <gulp>
>
> I ask because I'm such a jealous S.O.B. I've done such hard work that I'd
> hate to think that someone could come along and just use it all for free.
> Plus, there's that nastiness of having passwords in there and all that.
>
> Murph
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
