Ageed - always include your credentials from another file - plenty of
wise replies! :)
On 22/05/2014 17:04, Matthias Rebbe | M-R-D wrote:
Yes and no. If for what ever reason the lc server engine is not running or misconfigured than it
could happen that the content of that .lc script will be outputted. So the best thing would be, to
place the script outside the public_html folder as AndyP suggested. You could then create a script
within the public_html folder which uses the include command to include that "outside"
script. In case of the lc engine is not running or is misconfigured, then you will only see the
include… command and not the content of the complete "confidential" script.
Regards,
Matthias
Am 22.05.2014 um 10:01 schrieb John Craig <j...@splash21.com>:
A server .lc file is parsed by the server and only it's output is ever sent to
the browser (not the source code), so the code is safe :)
On 22/05/2014 05:31, Nakia Brewer wrote:
Afternoon all,
As I venture down the road of learning what the wonders of LC Server scripts
can do I find myself wondering how safe are the content of these scripts.
Being completely new to Web and Server development it's probably a silly
question but for example:
I have a LC Server script that is called from a mobile testing app that records
the devices location into a MySQL Database using $_GET params.
In the LC Server Script file resides all my connection details for my database
etc.
So, what stops someone from accidentally stumbling across that URL and getting
the content of that file?
Or am I completely not understanding?
Sorry in advance :)
COPYRIGHT / DISCLAIMER: This message and/or including attached files may
contain confidential proprietary or privileged information. If you are not the
intended recipient, you are strictly prohibited from using, reproducing,
disclosing or distributing the information contained in this email without
authorisation from WesTrac. If you have received this message in error please
contact WesTrac on +61 8 9377 9444. We do not accept liability in connection
with computer virus, data corruption, delay, interruption, unauthorised access
or unauthorised amendment. We reserve the right to monitor all e-mail
communications.
_______________________________________________
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
_______________________________________________
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
_______________________________________________
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
_______________________________________________
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
