> if someone knew the name of your include file, and it was under the
> webserver root (for instance, the same folder) then yes, its like any
> other file......you can get around this by changing your php.ini
> include_path variables and putting the files there, outside the
> webserver directory
I'd agree except that I don't leave any code lying around with anything
other than a *.php extension so, like you said, that'd be parsed by the
server before being sent to the browser, right?
I would take this to mean that my code *should* be safe...? <gulp>
I ask because I'm such a jealous S.O.B. I've done such hard work that I'd
hate to think that someone could come along and just use it all for free.
Plus, there's that nastiness of having passwords in there and all that.
Murph
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
