PHP help wanted

dugdiamond

dugdiamond

New member
okay - my PHP is okay-ish, but i need to ask a question.

I have created a mySQL database on my web server that is hosted on the cloud. its location is 'localhost'.

i have written the php files 'getscores.php' and 'addscores.php'. these have been tested on my pc, and work.

but... where do i upload them to? :/
(in which directory, on my host's webserver, do i place the php files?)

would it be in public_html, or somewhere else?

any help would be appreciated
 
You want them accessible to a web browser (the public), right? Public_html would be where you need them or a sub directory of public_html.
 
public_html and if u want mywebsite.com/website1/index.php
then you will need to put them in a subfolder like website1 inside your public_html folder
 
cheers peeps, but i already sorted it out via an extensive google search.

i want all my php files invisible to the public (which they will not be in public_html).

so... i put them in a folder called *******, and then hid, and passworded, that folder... as the php files have the usernames and passwords to the databases in them. ;)
 
The public should never see that anyway even if they are in public_html, the php files should be run on the server side. All the public will see is the resulting code after the script runs.
 
hmmblah said:
The public should never see that anyway even if they are in public_html, the php files should be run on the server side. All the public will see is the resulting code after the script runs.
Click to expand...

by default, newly created folders do not have .htaccess in them.

i also had to edit the .htaccess file to enable PHP to be run in embedded html. :D

better safe than sorry ;)
 
dugdiamond said:
by default, newly created folders do not have .htaccess in them.

i also had to edit the .htaccess file to enable PHP to be run in embedded html. :D

better safe than sorry ;)
Click to expand...

You have your php embedded in an html file? Even without .htaccess if the server is set up correctly it should be parsing the php server side, but you should be using the .php extension, not .html.

Edit: Read your OP again, you are using .php. Server is not configured properly IMO if you have to use .htaccess to get it to parse php properly.
 
php is serverside code dude, if it's done correctly and apache is running properly jo public will never see any of the raw code. You don't need to do any funny business to make it work securely
 
programmers never make good webmasters. ;)

i guess i am just being safe. (as in the past i have hacked the contents other's websites) :P
 
dugdiamond said:
programmers never make good webmasters. ;)

i guess i am just being safe. (as in the past i have hacked the contents other's websites) :P
Click to expand...

I use .htaccess later to further secure. Made the mistake of hiring a web designer that was great at design, but unfortunately knew squat about making a secure site. He didn't even encrypt the user passwords in the db so with a little bit of sql injection you could gain access really easy. That was just one of about 100 flaws he had. I tripled the amount of code he had written only adding security in his sloppy coding. You could easily tell he copy and pasted a lot as the coding styles would change all throughout his pages. I thought I'd be a nice guy and show him what was wrong and why it was wrong. Even had 3rd party scans done to show the vulnerabilities. Then to top it off, I showed him how to get into a few other sites he designed, one of them being a small Bank.

In the end he basically told me to get bent and that he has been coding for 10 years blah blah blah. The whole thing was a great learning experience for me though. Taught me a lot about website vulnerabilities and reinforced the notion of never trusting anyone when you are ultimately responsible for the project.

I'd be really worried about that server you are hosted on. What else isn't configured properly if the basics are missing? It's great you were able to tighten it down yourself, but at that level you shouldn't have to. It's really basic web server configuration.
 
my host is FREE... and i suppose you don't get nothing in this world that you can rely on for free. ;)

it's all sorted now. thanks
 
You must log in or register to reply here.

Similar threads

P
Do some people never learn from the past?
Replies
2
Views
759
Pugsport
P
P
Smooth old school Corsair 600T
Replies
16
Views
7K
WillSK
WillSK
D
Full display black screen/game hangs on 2080 ti.
Replies
6
Views
4K
DwarfAdigginAhole
D
S
SSD disappearing?? please help.
2
Replies
31
Views
34K
AlienALX
AlienALX
B
Fan setup help
Replies
7
Views
20K
Warchild
W
Back
Top