On Thu, 02 Jun 2005 00:44:12 -0400, in php.general [EMAIL PROTECTED]
(Chris Shiflett) wrote:
>3. The debate between storing includes outside of document root versus
>using a .php file extension, instructing Apache to process .inc files as
>PHP, instructing PHP to deny requests for .inc files, et
Richard Lynch wrote:
On Wed, June 1, 2005 1:29 am, Denis Gerasimov said:
Second, which way are you differ PHP .inc files from HTML .inc files?
There is no such thing as an HTML .inc file. :-)
All your HTML .inc files, by definition, if they are being require'd or
include'd into PHP *are* PH
Rory Browne wrote:
> Alternatively if the include_path, contained the path that your
> includes were in, (and only the directory where you put your
> includes), then php wouldn't have very far to search.
Well, no real difference between that and just making sure most of your
includes are in the f
>
> I do not agree.
Not agreeing with Rasmus on a PHP list, can be seriously damaging to
your credability, unless you really know what you're talking about and
have a solid argument.
Having that said, I personally use .inc.php - .inc as Rasmus said, to
denote include files, and .php because I co
OK... Let me explain a couple things...
> On Wed, June 1, 2005 1:29 am, Denis Gerasimov said:
> > Second, which way are you differ PHP .inc files from HTML .inc files?
>
> There is no such thing as an HTML .inc file. :-)
I see what you mean... but I use templating systems to separate code from
Richard Lynch wrote:
Why risk the possibility of your code being exposed or executed out of
context when it's so *EASY* to move the include files and set
include_path?
I just don't understand the resistance to such a simple straight-forward
elegant security measure.
For 5 minutes of time, you c
On Wed, June 1, 2005 1:29 am, Denis Gerasimov said:
> Second, which way are you differ PHP .inc files from HTML .inc files?
There is no such thing as an HTML .inc file. :-)
All your HTML .inc files, by definition, if they are being require'd or
include'd into PHP *are* PHP .inc files.
It is mere
Denis Gerasimov wrote:
Order allow,deny
Deny from all
Without this rule people would be able to access the .inc file directly
and since PHP won't parse it, the raw source code would be visible which
could be a security problem. If you prevent this simply by putting .php
onto th
>
>
>
> Order allow,deny
> Deny from all
>
>
> Without this rule people would be able to access the .inc file directly
> and since PHP won't parse it, the raw source code would be visible which
> could be a security problem. If you prevent this simply by putting .php
> onto
they're usually used as includes, hence the "INC" part.
files that have certain functions/classes that another script requires
and people use them to split up the code.
I don't and have never created .inc files.. all my files end in .php --
but that's just me.
Martin Zvarik wrote:
Hi,
I s
On 5/30/05, Martin Zvarik <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I saw files like "file.inc.php" and "file.inc"
>
> What is the *.inc suffix good for ?
>
> Thank you for replies.
>
> Martin
>
>
I think it means that the files were meant to be included...not called
by themselves. I'm just guess
Martin Zvarik wrote:
> Hi,
> I saw files like "file.inc.php" and "file.inc"
>
> What is the *.inc suffix good for ?
I don't see the point in file.inc.php, but file.inc is something I use
all the time to indicate that a file is designed to be included and not
accessed directly. Then I have an Ap
Martin Zvarik wrote:
Hi,
I saw files like "file.inc.php" and "file.inc"
What is the *.inc suffix good for ?
Thank you for replies.
Martin
It doesn't matter. PHP will parse either if you call them via include()
or require()
I guess it just boils down to your preference.
--
John C. Nich
13 matches
Mail list logo