Go Back   Computer Forums > General Computing > Cyber Safety and Computer Security
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 07-20-2007, 01:08 AM   #1
Baseband Member
 
Join Date: Jan 2006
Posts: 23
Default the php include(); function

Hello there,

I'm cleaning up the code of my website and I've stumbled upon the very tempting php include(); function. I'd love to use it because then obviously I only have to edit one page to affect all pages linked to it, BUT I definitely don't want any of my information that I include (such as global command to link to my SQL database) to be put at any risk. Is there anyway that the include command could present a security risk to my website? It might seem like a n00bish question, but I'd rather be safe than sorry. (Oh, by the way, I'm only using the include command on my own server, not to get stuff from one to the next...just in case that makes any difference.)

And while I'm posting in this specific forum: How safe is FTP or even SFTP? And I don't mean as far as others being able to intersect files, but being able to crack my username and password. Is is safer to use a password protected php operated file browser or is that exactly the same as using FTP?

Thanks!
__________________

blondegeek is offline   Reply With Quote
Old 07-20-2007, 04:31 PM   #2
BSOD
 
0x0161's Avatar
 
Join Date: Apr 2007
Posts: 441
Default Re: the php include(); function

Quote:
I'm cleaning up the code of my website and I've stumbled upon the very tempting php include(); function. I'd love to use it because then obviously I only have to edit one page to affect all pages linked to it, BUT I definitely don't want any of my information that I include (such as global command to link to my SQL database) to be put at any risk.
I was just checking out you're website as well as proof reading all the source code. I see one risk in their. Also, just a little F.Y.I I wouldnt use my real information to register you're domain with a web hosting company.

You should change the domain to 'hotblondegeek.net' just my two cents.

btw, wheres the skipper? Fallbrook High School
--->2007 North Division Junior Varsity Champion<--- pretty good. Anyways, to answer your question

Quote:
How safe is FTP
Oh about as safe as any other 'clear text' protocols.

Just my two cents.

0x0161
0x0161 is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 12:31 PM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0