Hi Bruce!
On Mon, 13 Oct 2003 18:31:21 -0400, "Bruce W...1"
<br***@noDirectEmail.com> wrote:
Was browsing the documentation on reading a configuration file and found
this. What does a semicolon do at the beginning of a line?
; <?php DO NOT REMOVE THIS LINE
[first_section]
one = 1
five = 5
[second_section]
path = /usr/local/bin
; DO NOT REMOVE THIS LINE ?>
In order to protect your conf.php file, add these 2 lines, so it
will produce a PARSE ERROR if somebody wants to see your file !
Thanks for your help.
Well, in theory, if your webserver ius configured correctly, no one
should be able to see the source code of a PHP file, nor the output,
if it inly contains functions.
But in this case, even if someone does some kind of injection of
parameters (via register globals or whatever) the file will not show
anything, because it produces a parse error.
As the routine reading the config file is quite complex I suppose (in
relation to the config file), the security problem now lies there.
Interesting idea, because I'm not sure, if I like it.
HTH, jochen
--
Jochen Daum - CANS Ltd.
PHP DB Edit Toolkit -- PHP scripts for building
database editing interfaces.
http://sourceforge.net/projects/phpdbedittk/