Topic awaiting preservation: Includes outside of web root — OZONE Asylum, home of the Mad Scientists

Includes outside of web root

This page's ID: 26692

Topic awaiting preservation: Includes outside of web root (Page 1 of 1) $Pages that link to <a href="https://ozoneasylum.com/backlink?for=26692" title="Pages that link to Topic awaiting preservation: Includes outside of web root (Page 1 of 1)" rel="nofollow" >Topic awaiting preservation: Includes outside of web root <span class="small">(Page 1 of 1)</span>\$

CPrompt Maniac (V) Inmate From: there...no..there..... Insane since: May 2001	posted 09-20-2005 20:51 is it OK to just include a page outside of the web root by doing: code: require ("/var/www/inc/my_sensitive_info.php") I know I can do it this way, but is there maybe a better and more secure way to include info such as database connectivity info and the such. Thanks in advance! Later, C:\
GRUMBLE Paranoid (IV) Mad Scientist From: Omicron Persei 8 Insane since: Oct 2000	posted 09-20-2005 22:27 why do you think this way is insecure?
CPrompt Maniac (V) Inmate From: there...no..there..... Insane since: May 2001	posted 09-21-2005 00:22 just wondering is all. Later, C:\
bitdamaged Maniac (V) Mad Scientist From: 100101010011 <-- right about here Insane since: Mar 2000	posted 09-21-2005 05:53 As long as you're using a hardcoded string this is as good as it gets. Once you start using variables is when things can get dicey. Also a good practice is making sure your php.ini basedir setting is to /var/www/ helps. .:[ Never resist a perfect moment ]:.
CPrompt Maniac (V) Inmate From: there...no..there..... Insane since: May 2001	posted 09-21-2005 12:27 ok, so doing it that way is cool but say: require("$myInfo"); is not. That's what I was wondering. Just where it starts to be not so good. I have just been wondering where it starts to be a little less secure. Thanks! Later, C:\

« Backwards — Onwards »

Show Forum Drop Down Menu