At 5/1/2001 03:05 AM, Dave Goodrich wrote:
>>In PHP, if I have my database password in a global var $dbpass,
>>I cannot prevent this code:
>>
>> eval('echo $dbpass');
>Never put your DBPass into a GLOBAL ;^)
Hm, perhaps creating a function do_connect('hostname','user','pass')
is safer? Good idea.
>Agreed, it's not worth your time and hassle to try and predict
>every possible circumstance a user might try.
>Have you thought about some SSI and a few Javascripts?
>depending on what you mean by "changing the look of a page" it might be easier.
Mm. I still prefer a template, thank you :)
>A stupid question but I gotta ask, have you looked through
>freshmeat? lots of stuff like this done in Perl, Python, PHP.
Yes, I have done a search on freshmeat and sourceforge for
php templates. Btw, there are eazytemplates and php
dreamtime that I've been told that supports ifs and loops.
That's nice. Thanks to everybody who responded.
Steve
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
