> directly to private/includefile.php can run the script > without authorising themselves... > > Is it possible to set folder permission such that files > inside it cant be open directly but could be included?
Can you just give read permissions -only- to the user that PHP runs as and not these other users? -M -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
