FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Nested PHP
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Nested PHP [message #184860 is a reply to message #184851] Tue, 11 February 2014 17:24 Go to previous messageGo to previous message
Denis McMahon is currently offline  Denis McMahon
Messages: 634
Registered: September 2010
Karma:
Senior Member
On Tue, 11 Feb 2014 14:31:51 +0000, Adrian Tuddenham wrote:

> Denis McMahon <denismfmcmahon(at)gmail(dot)com> wrote:
>
>> On Tue, 11 Feb 2014 13:55:57 +0100, Christoph Michael Becker wrote:
>>
>>> Or evaluate the generated PHP code with eval(). However, I suppose
>>> there's a design mistake here. Generating and executing PHP code on
>>> the fly doesn't seem to be reasonable (at least for most purposes).
>>
>> I'll second that. Instead of dynamically generating php code to
>> generate html and inserting the dynamically generated php code into
>> your file, you should refactor the script that produces the dynamic php
>> to instead generate the resultant html that the dynamically generated
>> php is expected to create, and arrange the code so that the html is
>> just inserted at the appropriate place
>
> That's what I've decided to do. It just means that the protected pages
> will have to have a different sort of 'include' command from the
> unprotected ones.

If you want to protect the included files from being accessed directly,
move them outside of the webroot structure.

The web server can only "serve" files inside it's directory structure,
but a php include can access any file according to file system access
constraints, so you can even include a file from a directory on another
computer as long as you specify the pathname correctly.

I always put files that include things like database access usernames and
passwords outside of the webroot, that way no one can request
"db_passwords.php" and get the mysql password and user that php is using.

--
Denis McMahon, denismfmcmahon(at)gmail(dot)com
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Filling an array with random input doesn't quite work
Next Topic: string length
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Nov 28 20:40:37 GMT 2024

Total time taken to generate the page: 0.04128 seconds