beginning_php thread: Where to place php files
Message #1 by "Ron Mapes" <ron@m...> on Sat, 22 Feb 2003 01:57:25|
I am tinkering with php on a Linux server that I have built at home. So far
so good, I am able to make the files work and do what I want. My questions
is where should I place my files? I created a php directory to place them
into. On the internet I pay a hosting service for my website. Should I
create a php directory in the public_html directory? Or does need to go
further up the tree?
Where will my files be secure? especially the common_db.inc which contains
a username and password. I did not find the book spending enough time for
me on the security part.
Let me know your thoughts?
Message #2 by "Nikolai Devereaux" <yomama@u...> on Fri, 21 Feb 2003 18:06:55 -0800|
The first thing you should do is rename ALL your files such that they are
parsed as PHP files by the ISP web server.
If you request "common_db.inc" from your site, and your ISP's server passes
that through as text, you're screwed.
If, on the other hand, the server processes that with PHP, PHP will NOT
return anything to the client, so you don't have to worry.
PHP files can be put in any directory you place your HTML files in. If you
have sensitive data, you can put it in a directory beneath public_html/ so
that no one can request it directly, as long as you make sure you modify
your calls to include() (or require(), include_once(), and require_once())
to reflect the changes. Also make sure the webserver user has read
permissions in that directory.