Loading...

Professional-PHP@googlegroups.com

[Prev] Thread [Next]  |  [Prev] Date [Next]

[Pro. PHP Dev.] Re: Security: Includes / Classes / Configs? nickW+ Sat Feb 11 00:00:10 2012

Thanks for the reply and sorry for my delay. Crazy week :(

Do you by any chance have a link to an article or something that
describes the method you use?

I use a single include of a config file. The config will include all
the (classes) required for the site to function.

That method allows me to create an object for any class included in
the config. However I love to learn new ways to do things so it would
be great to try it out.

Regards,

Nick

On Feb 4, 5:32 pm, Robert Gonzalez <[EMAIL PROTECTED]>
wrote:
> I seldom use include. Honestly, in an OO environment, where object being
> created, I generally use an autoloader that calls the class files only as I
> need them. And in many cases I will use a factory method or factory object
> that builds my objects for me so that all of my object instantiation (or
> even singleton retrievals if you're feeling creative) are encapsulated in
> one location.
>
> All of this is to day that in most cases I will use a single require_once
> call to a simple script that contains my autoloader or my autoloading class
> and let the app do the rest.
>
>
>
>
>
>
>
>
>
> On Sat, Feb 4, 2012 at 12:39 AM, nickW+ <[EMAIL PROTECTED]> wrote:
> > Thanks, makes that easy.
>
> > Do you use the include_once for a config (which includes the rest of
> > the files) at the top of each page OR would you includes them with php
> > prepend in the htaccess.
>
> > Thanks in advance!
>
> > On Feb 4, 12:39 am, Robert Gonzalez
> > <[EMAIL PROTECTED]> wrote:
> > > The best/most secure is putting your application files below your server
> > > document root. So if your doc root is /home/user/public_html then ideally
> > > you would have one file (index.php) that is inside of
> > > /home/user/public_html/ and all the rest of your files (except public
> > > assets like js, css, images) would live in /home/user/.
>
> > > On Fri, Feb 3, 2012 at 10:27 PM, nickW+ <[EMAIL PROTECTED]> wrote:
> > > > Hello All,
>
> > > > So I have a question, which i'm sure you guys can answer.
>
> > > > I was taught that having your includes in /home/user/includes/ was
> > > > best practice for security reasons, however the most popular apps on
> > > > the market come with the includes folder inside the install directory
> > > > itself /home/user/public_html/includes/.
>
> > > > Which way is the best?
>
> > > > Which way is the most secure?
>
> > > > Which way is the most efficient?
>
> > > > --
> > > > This group is managed and maintained by the development staff at 360
> > PSG.
> > > > An enterprise application development company utilizing open-source
> > > > technologies for todays small-to-medium size businesses.
>
> > > > For information or project assistance please visit :
> > > >http://www.360psg.com
>
> > > > You received this message because you are subscribed to the Google
> > Groups
> > > > "Professional PHP Developers" group.
> > > > To post to this group, send email to [EMAIL PROTECTED]
> > > > To unsubscribe from this group, send email to
> > > > [EMAIL PROTECTED]
> > > > For more options, visit this group at
> > > >http://groups.google.com/group/Professional-PHP
>
> > > --
>
> > > Robert Gonzalez
> > > <https://plus.google.com/103821781336302925338/about>
> > > <http://twitter.com/RobertGonzalez>
> > >   <http://www.facebook.com/robertgonzalez>
> > > <http://www.linkedin.com/in/robertanthonygonzalez>
>
> > --
> > This group is managed and maintained by the development staff at 360 PSG.
> > An enterprise application development company utilizing open-source
> > technologies for todays small-to-medium size businesses.
>
> > For information or project assistance please visit :
> >http://www.360psg.com
>
> > You received this message because you are subscribed to the Google Groups
> > "Professional PHP Developers" group.
> > To post to this group, send email to [EMAIL PROTECTED]
> > To unsubscribe from this group, send email to
> > [EMAIL PROTECTED]
> > For more options, visit this group at
> >http://groups.google.com/group/Professional-PHP
>
> --
>
> Robert Gonzalez
> <https://plus.google.com/103821781336302925338/about>
> <http://twitter.com/RobertGonzalez>
>   <http://www.facebook.com/robertgonzalez>
> <http://www.linkedin.com/in/robertanthonygonzalez>

-- 
This group is managed and maintained by the development staff at 360 PSG. An 
enterprise application development company utilizing open-source technologies 
for todays small-to-medium size businesses.

For information or project assistance please visit :
http://www.360psg.com

You received this message because you are subscribed to the Google Groups 
"Professional PHP Developers" group.
To post to this group, send email to [EMAIL PROTECTED]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/Professional-PHP