Secure Inclusion Of PHP Code
Posted: Mon Aug 20, 2007 9:58 am
Hi there,
I am currently working with a php file. The php tags <? are open
and in between there is a piece of php which i want to include in the main file. suppose
is the code which is to be included. As I would need to change that query again so that's why i want to include it separate.
Now my question is with what extension should I save the file having $query = "INSERT INTO upload (name, size, type, content ) ".
"VALUES ('$fileName', '$fileSize', '$fileType', '$content')"; so that i can include it in the main file.
Is it ok to include file with <?php some data ?> into another file where the php tags are open?
If not then with what extension should i store the data mentioned above so user cannot see it. wen he types into the browser.?
The main concern is that if the user writes the name of the file which has data to be included then it should not be able to read it.
I am currently working with a php file. The php tags <? are open
and in between there is a piece of php which i want to include in the main file. suppose
Code: Select all
$query = "INSERT INTO upload (name, size, type, content ) ".
"VALUES ('$fileName', '$fileSize', '$fileType', '$content')";Now my question is with what extension should I save the file having $query = "INSERT INTO upload (name, size, type, content ) ".
"VALUES ('$fileName', '$fileSize', '$fileType', '$content')"; so that i can include it in the main file.
Is it ok to include file with <?php some data ?> into another file where the php tags are open?
If not then with what extension should i store the data mentioned above so user cannot see it. wen he types into the browser.?
The main concern is that if the user writes the name of the file which has data to be included then it should not be able to read it.