include security
- Thread starter gesf
- Start date
Alexej Kubarev
New member
hi guys, if you need to understand the phpbb code: ask me 
i had to go through it to understand where to make those changes most of you know about
and you dont need to go through the whole code
its simple
you request a page index.php:
and then include some files: if you call thoser files directly you will get a hacking attempt as in_app is not defined
i had to go through it to understand where to make those changes most of you know about and you dont need to go through the whole code
its simple
you request a page index.php:
Code:
<?
define('IN_APP', true);
//Some more code here
?>and then include some files: if you call thoser files directly you will get a hacking attempt as in_app is not defined
A
Anonymous
Guest
Hi,
My approach would be to store connection information as well as other sensible info in files outside of the document root. Thus it will not be possible to have them served via http. I would also not use .php extensions for them. See http://phpsec.org/projects/guide/3.html, it is quite helpful.
Regards.
My approach would be to store connection information as well as other sensible info in files outside of the document root. Thus it will not be possible to have them served via http. I would also not use .php extensions for them. See http://phpsec.org/projects/guide/3.html, it is quite helpful.
Regards.
Alexej Kubarev
New member
if you have configured your server correctly: it will not be any problem as it will not be possible to see the source of your config file
A
Anonymous
Guest
Hahahaha... well, bokehman give her my best regards, i am also madrileño... i guess there are mistakes that are very common for people that share the same language...
Cheers.
Cheers.