>How can I protect my php files among other files like templates
>(.inc) and mysql config (config.inc) files being copied/read/imported
>(front page)/used by other applications other than my site...
>can this be done by htaccess? is so , could anyone point me into right
>direction?
I have renamed my sensitive (those containing l/p for mail and mysql)
files to .php and constructed them to render a blank page if ever
directly called.
Something like this:
<?
All the sensitive code
$db_login = "user";
$db_pwd = "password";
$mail_login = "mail";
$mail_pwd = "pass";
?>
<html><head></head><body></body></html>
I do not think that -r to everyone would work in that Apache still needs
to read the file when included by another script.
Still looking for a better way. What concerns me the most is if a code
disclosure bug is later discovered in 4.3.0 or another version.
Bryan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
