Code Forums - View Single Post

DJMaze · 04-09-2005, 12:55 PM

a) prevent execution by using .inc extension (just shows source)
b) they must be loaded thru another php file

Showing the source of a .inc file is nothing bad.
If it's OS code i don't care a thing actualy.

If you have a bug in your OS file and it's .php instead of .inc then people can try to hack in (especialy when register_globals is on)

So i use .inc and untill my script becomes commercial i change.

04-09-2005, 12:55 PM	#6 (permalink)
DJMaze Senior Contributor Join Date: Mar 2005 Posts: 651	a) prevent execution by using .inc extension (just shows source) b) they must be loaded thru another php file Showing the source of a .inc file is nothing bad. If it's OS code i don't care a thing actualy. If you have a bug in your OS file and it's .php instead of .inc then people can try to hack in (especialy when register_globals is on) So i use .inc and untill my script becomes commercial i change.