Using PHP handler for HTML pages dangerous?
Posted: Wed May 12, 2010 4:43 am
Hi,
Recently, I've protected a bunch of HTML files by adding some PHP to it via the following rules in httpd.conf
<Directory /targetdirectory>
php_value auto_prepend_file /webdirectory/add.php
</Directory>
In add.php there is some code to check if a user is logged on. If not, then redirect to index.php.
I've heard that this solution is not a very good one, because of its performance cost and it being dangerous for it may, among other things, cause problems when processing multiple files at once due to a lack of locking or something.
My question thus is: can I use this solution safely?
Thanks in advance!
Recently, I've protected a bunch of HTML files by adding some PHP to it via the following rules in httpd.conf
<Directory /targetdirectory>
php_value auto_prepend_file /webdirectory/add.php
</Directory>
In add.php there is some code to check if a user is logged on. If not, then redirect to index.php.
I've heard that this solution is not a very good one, because of its performance cost and it being dangerous for it may, among other things, cause problems when processing multiple files at once due to a lack of locking or something.
My question thus is: can I use this solution safely?
Thanks in advance!