Mark Sargent wrote:
Jochem Maas wrote:

NO - DONT EVER DO THIS!!!! tmp/session files should not be stored in a directory that
can be [potentially] read via http.

.htaccess directives can be used to block access to the dir BUT I still would recommend
keeping 'tmp' outside of the web root.

just make sure 'tmp' is writable by the user the webserver is running as.

Hi All,

thanx. How do I determine what user httpd is running as? Cheers.

Edit your httpd.conf file and look for "user" and "group".

--
Postgresql & php tutorials
http://www.designmagick.com/

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to