Rahul Sharma wrote:
Hello....
I have installed include_php in my application. it works fine but how can i secure this page from anonymous user.because bydefault everyone can see source code of this wikipage. is it any security issues with this extension. is it good way to display table from database.
thanks...
from Rs.....
You mean that the source code of Extension:Include_PHP is public? That's not necessarily a security problem.
That extension seems quite safe, provided you are using a UNIX-like server and are careful with what you place into the scripting folder.
Note that if the script you run there are unsafe, there's nothing that Include_PHP can do.
I think that the check for the 'scripting' permission could be bypassed, though.