--- Jacob Copsey <[EMAIL PROTECTED]> wrote:
> My style of PHP is to name all included files with a .php
> extension and of course this raises the problem of people
> accessing these script files directly.
I always name included files *.inc myself, but that's a
personal preference combined with a strong desire to adhere
to strict naming conventions.
It is very easy to make sure people cannot access your
include files directly. There are two common ways to do
this, and I will mention my preference first.
1. Do not store your include files under document root.
This is a very simple and straightforward approach that
negates all of the types of questions you were asking.
2. Deny access to any file with an extension of inc. Of
course, you would have to conform to a naming standard a
bit more for this to work. A quick Google search revealed
this example for Apache:
<Files ~ "\.inc$">
Order Allow, Deny
Deny from all
</Files>
Chris
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
