Thread: PHP Help
View Single Post
11-21-2005, 10:31 PM
 #8
Aros is offline Aros
Aros's Avatar
Status: Lurker
Join date: Jul 2004
Location: the Netherlands
Expertise:
Software:
 
Posts: 1,074
iTrader: 2 / 100%
 

Aros is on a distinguished road

  Old

Originally Posted by jared
Well the method I posted works is used by the firm I used to work for. It is perfectly secure if you know how to use it.

The case statement is good but when you are dealing with a template and you have over 50 pages it becomes a bit clumsy.



This will not work. Since when do includes work with remote websites?
Try and do include("www.yourdomain.com/honoes.php") and see what happens. Nothing.

Like I said, if you are smart this script is perfectly secure. But by smart, I mean you have to know what files should be protected by .htaccess (admin files).

Either way the case statement will work fine, but imho this is more efficient.
Your method is dangeroes, you could include any file you would want. Possibly not external files (dependant on settings), but any other file on that server. Such as a file located in an Admin directory which a user shouldn't be able to access at all.