Reply to Re: Why to use PHP — PHP Programming Language

Posted by Rik on 10/25/06 17:06

R K wrote:
> Rik wrote:
>> R K wrote:
>>>> BTW, how do I fix this in an administrative way?
>>>
>>> Nevermind. Put this in the .htaccess file in the upload directory:
>>>
>>> php_value engine off
>>
>> Upload/tmp directories shouldn't even be accessable by http....
>>
>> /dir/
>> /uploadtmp/
>> /wwwroot/
>
> Yeah, but suppose you wanted an upload to be web accessible after
> it's moved from the tempdir?
>
> That final directory needs the .htaccess, doesn't it?

Well, I'm very curious.
You want PHP to be available, but disabled?
When do you want PHP to run?
And it's far better to put these kinds of settings in httpd.conf then
..htaccess, and forbidding to use .htaccess to change these values. If they
have access to the directory, what stops them from deleting or altering the
..htaccess file, thus enabling PHP? I assume that when a user uploads a
file, he is allowed the either edit or delete it..
--
Rik Wasmus

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация