Welcome to WebmasterWorld Guest from 54.227.231.144

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

just learning PHP

security and include methods

   
10:03 pm on Mar 17, 2003 (gmt 0)

10+ Year Member



I'm just learning and experimenting with PHP and I have two basic questions:

1. Are there any security concerns I should be aware of. I'm playing around with php scripts that show the current date, current time, and current users online (doesn't use database), an "email this link to someone" script, and a formmail script. I don't want to open anything up to hacking. And I haven't a clue whether any of this makes my site more vulnerable. Does it?

2. My main area of specilization is copy writing and SEO related to that. In using the PHP and playing with it, it seems that the best way to keep a lot of code off the main html pages is to use what I think are called includes such as:
<? include"http://mydomain.com/myfile.php";?>
This points to the php script and keeps all the code off the main pages so it is easier for bots to spider the copy on those main pages. Is this a reasonable way to do this? Am I on the right track?

thanks from a new learner...

10:33 pm on Mar 17, 2003 (gmt 0)

10+ Year Member



Hi,

2. Your reason for using includes is rather pointless, as a) a user (and also a bot) never sees php code and
b) any include files are included at the time of execution. So even if code was visible it would be visible once the script is executed and output served.
The point is that the output of the include files will be included in the server's output.

However, includes are good practice if you want to keep the code clean for yourself or in order to minimise repetition of common code, for example an include with your own functions or an include for header tags etc.

Hope this helps,

M.