Menu
I had a few questions about how to lock down a site, since as far as I can tell, mine is currently wide open.
One of my include files declares a couple important global variables such as the database access string and so on. I put a check with defined() at the top so that each script including it needs to define a constant first…
But if someone found the PHP file and figured out how to fool the define-thing, wouldn’t they have wide open access to my db? What other mechanisms exist for protecting a script from being ‘included’ off-site?