Reply to Re: Is a .php file protected from inclusion in outside domains? — PHP Programming Language

Posted by Berimor on 12/03/05 22:54

On Sat, 03 Dec 2005 17:44:18 GMT, nc <ralph@noone.nowhere> wrote:

> If www.any1.com has a lib\file1.php, can someone at
> www.any2.com include the script and access the items
> in the script? Is it safely protected, or would we need
> to handle such protections ourselves?
>
> I.e.,
>
> <?php include("http://www.any1.com/lib/file1.php");
> // misc code which checks the defined variables...
> echo(pw);
> ?>
>
> I don't have a system right at the moment to test this.
>
> Thanks, Ralph.
>
>

I'm usually putting all my lib files into one directory and protect it
with .htaccess file. So they are inaccessible for outer requests. But even
without it - the remote caller will see only script result output.

--
Exact Meta Search | Major Search Engine http://exactsearcher.com
Web Design Essex | Multimedia | Printing http://nextwave.co.uk

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация