--snip-- > If you run your own server, you can set it up so that each webmaster is > locked into a private environment, but it's messy. According to me, you > would need a separate copy of apache for each site, each running under a > different user, and they would need to run on separate ports, which is a > nuisance. --snip--
Though I would add my 2 pennies worh on this but it is probably more on an Apache list answer but, I recently asked a question about something similair myself on the Apache mailing list. You can have mutiple apache servers running on the same machine as long as you have used the "Listen IP:Port" Directive on each Apache server Instance to limit the IP it listens to. Therefore as long as each site has its own IP address you would not need to use different ports. I am not aware of any ISP/web host that runs like this though, due to the extract resources (e.g. memory & CPU time) required to run the muliple instances. Cheers Lee ----- Original Message ----- From: "Simon Ritchie" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, August 01, 2002 11:30 AM Subject: RE: [PHP] include() > > I suppose include() can be used to include files from remote > > systems(not on > > WINDOWS). > > Only if the sysadmin running your web server allows it, which they should > not. > > > > A webmaster on the same server can always use a path like > > "/home/htdocs/.../config.php" and include my config .php which contains my > > database password !! > > Not quite, but if you are on a shared server hosted by somebody else, there > is a potential problem. If somebody can figure out the name of the function > that opens the database, they could call it, potemtially giving access to > the data. You could use the solution posted by Justin French to make sure > that the function does nothing for them when they call it. > > As other people have said, your hosting organisation should set the system > up so that nobody can read your PHP code, and that nobody outside the host > computer can include it. However, I think it would be difficult for them to > stop another user on the same server including your code. > > If you run your own server, you can set it up so that each webmaster is > locked into a private environment, but it's messy. According to me, you > would need a separate copy of apache for each site, each running under a > different user, and they would need to run on separate ports, which is a > nuisance. > > Simon Ritchie > > Download my introduction to PHP for $25: > http://merrowinternet.com/downloads?source=ml > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
