"Jeff Oien" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Would people like to list bad practices and also point us
> newbies to any articles online dealing with syntax, correct
> use of single and double quotes etc.?
People who create scripts that include a need for access to a SQL database,
meaning you need to give it a username and password then making the damn
configuration file be called something stupid like config.inc.
When you are scripting, using anything with a .inc extension is just asking
for trouble. If someone requests that file, it'll get passed straight to
them. It's a .inc, which means that PHP does not know to parse it. Which
means, that person can see your usernames and passwords. And because it's a
public package, they're far more likely to know the path to said file.
--
Rick Hodger
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
