fantomel Posted May 25, 2009 Share Posted May 25, 2009 Hello i'm trying to build a simple handler function for including files from different directorys what kind of security checking should i do before including the file ? any advices? Link to comment https://forums.phpfreaks.com/topic/159624-include-handler-function/ Share on other sites More sharing options...
premiso Posted May 25, 2009 Share Posted May 25, 2009 How are you determining the file the include? If it is from GET/POST you should check that the file_exists before doing any includes. Also if you do not use file_get_contents to fetch data from a URL you should turn off url_fopen (something like that) to prevent someone executing their own code from a url just incase. If you are not planning on doing a "dynamic" include with GET data, you do not need to worry about security as long as you define any variables that you may be using to include the file you should be fine. Link to comment https://forums.phpfreaks.com/topic/159624-include-handler-function/#findComment-841951 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.