Tuesday 20 May 2003 10:14:04 am
A virtual host setup is usually more secure than a non virtual host setup. This is because you can use Apache's rewrite rules. If you are running a non virtual host setup, you should make sure that all your site.ini.append (and other .append files) are renamed to site.ini.append.php and place everything in these files inside PHP comments. ex:
<?php
/*
[my block]
myvariable=3
*/ ?> This will help if people get a way to access these files directly (then they will be parsed in the PHP module and all comments are stripped, so the file will be empty for the user). You should also use the wash() function wherever appropriate. Check the template section on http://ez.no/sdk for more information about this
Jo Henrik Endrerud | System Developer @ Seeds Consulting | http://www.seeds.no
|