Welcome to WebmasterWorld Guest from 188.8.131.52
So far the script does not have any user input. It does open/write files and it also accesses my MySQL database. No variables are passed from script to script either.
My question is, what security dangers should I be aware of?
My other question is, can you download a php file and view the contents?
Apologies if dumb questions but this has been puzzling me.
As for your last question, no.
PHP is parsed by the server and displays only the HTML content that you have printed or echoed to output (along with any other static HTML in your script). Users never get to view your code, unless you have instructed your server not to parse the page.