I had to use that folder for the old web server I used to use. All PHP scripts had to go in there, so I left them all in there when I switched to Apache.
I'm not trying to argue with you. I am just trying to figure out why that is a security risk and why this script doesn't work. I'm sorry if I have offended you. I am genually interested in why that is a securty problem. Thanks for the help you have given me. If you don't wish to help me anymore, I understand.
Well if you are going to as loose as that, you could also say that running Apache, mySQL or stuff like phpMyAdmin is a huge security risk dependant oh how you have set it up.
As with running anything on a server, if the server is not setup correctly or the apps are not configured right there could be security implications.
So what sort of setup specifically would cuase running PHP scripts from the cgi-bin to be a security risk?