I'm using Apache 1.3.23, Linux, and PHP to handle my web content. I provide
links on some of my web pages for users to download files.
My problem is PHP files. If a user clicks on the link, the PHP file is
executed, even though the actual file is stored outside of the document root.
For example, a file containing <?php phpinfo(); ?> will execute if offered up
on the web page as link and clicked on.
What do I need to do to prevent this?
-Al Andersen
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
links on some of my web pages for users to download files.
My problem is PHP files. If a user clicks on the link, the PHP file is
executed, even though the actual file is stored outside of the document root.
For example, a file containing <?php phpinfo(); ?> will execute if offered up
on the web page as link and clicked on.
What do I need to do to prevent this?
-Al Andersen
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org