Hello All I'm just starting to get PHP, and I'm wondering about the security of the code I write. It _seems_ that when I try to download the PHP file directly (like using Save Target As...) it will download only as an HTML file and my PHP code is gone. I've tried this on a few other people's sites, and this seems to be the common behavior. Is there a way someone can extract my php file without this transformation? What are some good security issues I should know?
One of the things I'm starting with is a simple blog/guestbook. I have a couple form fields and I strip_tags ... what else should I be doing? I want to leave the guestbook pretty open, so I don't want a sign-in and confirmation thingie. I don't even mind anonymity, cuz I can edit the comments later if I want. Thanks for your time. Gabino -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php