Page 2 of 2

Posted: Fri Apr 25, 2003 10:09 pm
by airo
[]InTeR[] wrote:M$ is brainwasing you... 8O 8O 8O
Im sorry, but i get the imression of the stereotypical nerd bent over a keyboard with a pocket protector and a tie on whenever i see someone type M$ :P

ANyway, renaming a PHP file to a diffrent extension, such as .txt or .html IS less secure then keeping it .php due to the MIME filetype and interpratation on the servers part. If someone knows your including the file under, say include.html, all they have to do is go to include.html view source, and since it sends the whole file client side without running anything between <? ?>'s, the user can see your source.

Posted: Fri Apr 25, 2003 10:13 pm
by phice
When was the last time any of us (nerds/geeks) have worn a pocket projector with slicked back hair?

Ah yes, Revenge of the Nerds.

Posted: Fri Apr 25, 2003 10:15 pm
by patrikG
That's why setting your server to parse files with the extension ".inc" or ".whatever" makes sense. Once parsed, nothing will but the intended output is viewable.

Posted: Fri Apr 25, 2003 10:18 pm
by airo
patrikG wrote:That's why setting your server to parse files with the extension ".inc" or ".whatever" makes sense. Once parsed, nothing will but the intended output is viewable.
Yup. But on some types of servers this can be quite a pain, due to alot of servers dont allow MIME type configuration...

Damn i cant spell tonight... need... sleep...

Posted: Fri Apr 25, 2003 10:21 pm
by patrikG
Sounds like you're talking about M$-Servers...:P

Posted: Fri Apr 25, 2003 10:41 pm
by airo
**snort**
Yeah guys, those damn M$, oppresing us! I think im going to send a nasty e-mail to Bill insinuating that hes a nazi-facist!!!!111!!!