Secure PHP script folder

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Hello guys,

This is my first post here, and I think my problem is very basic. I
just start programming in PHP/Mysql a month ago. Please be nice.

Plafeform is Windows 2000 with EasyPHP1.7 (if you know it)

I have a www folder where a created a test.html file which contains a

<form name="form3" method="post" action="test.php">
  <input name="test" type="submit" id="test" value="test">

My test.php scrip is in the same folder as my test.html, and it works
fine like this.

But I know if I keep it this way, people from internet can steal my
php script which I do not want to happen.

Then I understood I can move my test.php to a non public folder like
cgi-bin or a 'include' folder.

When I do so, here is what happen: Not Found
The requested URL /Wartools/test.php was not found on this server.

Apache/1.3.27 Server at Port 80

I did modify my php.ini like this
; Windows: "\path1;\path2"
include_path = ".;C:\Program Files\EasyPHP1-7\php\include\"

but it still doesn't work, indeed I moved test.php in this C:\Program

Thank for your help

Re: Secure PHP script folder

If you are using require then make sure that you establish a full path
to the file -- in windows you would need to start from the C:/
directory and build from there.

Also -- if your webserver is parsing PHP documents then people will not
be able to steal them -- they will simply see the HTML results that are
spit out by the PHP.

Stephen Johnson

Site Timeline