This one time, at band camp, Derick Rethans <[EMAIL PROTECTED]> wrote:
> > I would like to distribute a tarball for a PHP application that can be > > dropped into someones website along the same lines as PostNuke, > > phpMyAdmin etc (you get the idea). > > Perhaps this is exactly why PostNuke is considered insecure? A simple solution is to hard code the path to the database as $dbname = $_SERVER['DOCUMENT_ROOT'].'/../my_safe_db.sqlite The database will be created outside the web root and in user space. Kevin -- ______ (_____ \ _____) ) ____ ____ ____ ____ | ____/ / _ ) / _ | / ___) / _ ) | | ( (/ / ( ( | |( (___ ( (/ / |_| \____) \_||_| \____) \____) Kevin Waterson Port Macquarie, Australia -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
