PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Im sorry, but i get the imression of the stereotypical nerd bent over a keyboard with a pocket protector and a tie on whenever i see someone type M$
ANyway, renaming a PHP file to a diffrent extension, such as .txt or .html IS less secure then keeping it .php due to the MIME filetype and interpratation on the servers part. If someone knows your including the file under, say include.html, all they have to do is go to include.html view source, and since it sends the whole file client side without running anything between <? ?>'s, the user can see your source.
That's why setting your server to parse files with the extension ".inc" or ".whatever" makes sense. Once parsed, nothing will but the intended output is viewable.
patrikG wrote:That's why setting your server to parse files with the extension ".inc" or ".whatever" makes sense. Once parsed, nothing will but the intended output is viewable.
Yup. But on some types of servers this can be quite a pain, due to alot of servers dont allow MIME type configuration...