[How-To] PHP Security

You could stick this in too:

Code:
if(!preg_match('#^/index.php.*#', $_SERVER['REQUEST_URI'])) {
    die('You cannot view this page directly.');
}

but this all seems like a lot of hassle when you could just use Smarty/include a header and footer.
 
Well the slashes actually get added to content, so you end up seeing things like

Hello, I\'m Rob!

getting written on pages and stuff. The headache comes in when you try and deal with them, since you have to do different things to your input depending on whether magic quotes is on or not.
 
Back
Top Bottom