Posted by Berimor on 12/03/05 22:54

On Sat, 03 Dec 2005 17:44:18 GMT, nc <ralph@noone.nowhere> wrote:

> If www.any1.com has a lib\file1.php, can someone at
> www.any2.com include the script and access the items
> in the script? Is it safely protected, or would we need
> to handle such protections ourselves?
>
> I.e.,
>
> <?php include("http://www.any1.com/lib/file1.php");
> // misc code which checks the defined variables...
> echo(pw);
> ?>
>
> I don't have a system right at the moment to test this.
>
> Thanks, Ralph.
>
>

I'm usually putting all my lib files into one directory and protect it
with .htaccess file. So they are inaccessible for outer requests. But even
without it - the remote caller will see only script result output.




--
Exact Meta Search | Major Search Engine http://exactsearcher.com
Web Design Essex | Multimedia | Printing http://nextwave.co.uk

• Next in forum: Re: File I/O vs. MySQL
• Prev in forum: Re: database types for php?
• Thread view: Re: Is a .php file protected from inclusion in outside domains?

[Reply to this message]