TIPS AND TRICKS>>Web Design(Protecting the content of include files)>>
A common practice in web design is to put repeated content (such as headers, footers, functions, etc) into a separate file then include it in all your webpages. However, using an extension such as .txt or .inc means if someone guesses the filename, they can view the contents of your file. This is particularly dangerous if you have sensitive info such as passwords or php code you don't want publically available. A way to protect this is to use the .php or .asp extension (depending on your server). If anyone views the page directly, all your code is executed and not visible to the end user.
|
