On Jan 22, 2008 3:57 PM, Jason Pruim <japruim@xxxxxxxxxx> wrote: > Hi everyone, Hi, Jason! > Been doing some reading on security and have decided that I should be > storing my include files outside of the document root... Which I > understand how to do it, but what I'm wondering, is say I write the > Next Killer App (tm). How would I port that code easily off of my > server and put it into a downloadable file for the millions of people > who will download and run the Next Killer App (tm)? Absolutely. It's called a README file. Lots of well-designed applications keep the includes out of the web root, as they should. They're just included in a directory in the tarball, zip file, or whatever is being used to package and distribute the code, with installation instructions in the README or INSTALL file (or a similar counterpart). > Err... That doesn't make it very clear... Yes it did. Leave it alone, it'll grow. > Is there a program for > Macintosh or Unix that I could use to grab all the source code from > where ever I have it set? Or would I need to make my own? Or should I > just quit being lazy and grab it my self? :) There's always SVN and CVS for file structure and system architecture, but a zip file or tarball would suffice. And you certainly don't want them downloading the files from the actual location on your server, since that defeats the purpose of placing them outside of the web root. Just one example of this is how WHM AutoPilot handles the situation. There's a database directory named mib_data that is included in the zip file with all of the web files. The README/INSTALL document tells you to place that folder outside of the web root (for example, if on a cPanel or same-structure server, make it ~/mib_data/). Very easy to understand and deploy. -- </Dan> Daniel P. Brown Senior Unix Geek and #1 Rated "Year's Coolest Guy" By Self Since Nineteen-Seventy-[mumble]. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php