Editable web page security issues? (newbie q)

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Say I have a file called:


which just display some straight html text.

Now if I access:


the page suddenly turns into a form that lets you edit the content of
the page. What are the security risks I need to be aware of when
programming such a page? How would a malicious visitor know that
index.php is editable AND know they have to type in
index.php?editable=1 to display the editable content?

Should I store the editable content in files with 777 permissions or
something less open?

Perl has taint mode and a lot of good regexes to extract only what you
want from user input. What are the similar things I should be using in

Thx for any help for this php newbie!

Site Timeline