[How-To] PHP Security

robmiller · 8 Mar 2005 at 07:49

You could stick this in too:

Code:

if(!preg_match('#^/index.php.*#', $_SERVER['REQUEST_URI'])) {
    die('You cannot view this page directly.');
}

but this all seems like a lot of hassle when you could just use Smarty/include a header and footer.

robmiller · 9 Apr 2005 at 22:13

Well the slashes actually get added to content, so you end up seeing things like

Hello, I\'m Rob!

getting written on pages and stuff. The headache comes in when you try and deal with them, since you have to do different things to your input depending on whether magic quotes is on or not.

robmiller · 9 Apr 2005 at 22:26

Turn it off if you possibly can, it makes life much easier.

robmiller · 13 May 2005 at 23:39

Can this get archived since it's not a sticky anymore please?

Cheers