Generally, if a file has a .html extenstion, then it should really
just
contain html. .php extensions are meant for php code containing html.
File extension has absolutely no bearing at all on the contents of the
file. There's valid reasons to not expose what's what under the hood,
especially if there happen to be known exploits in the latest version
of PHP that week. God forbid that that happens, but it does every so
often. File mime-type being determined by an extension is entirely M$
Windows mentality and doesn't really extend to *nix environments,
where most of us are hosting our sites, anyway. You could name your
scripts whatever you want, .awesome, .refridgerator, .silver, whatever
and it'd have no bearing on the files themselves. It's certainly the
de-factor standard that .html files only contain flat markup, but
that's by no means a rule or anything, but it's common practice
(mostly because programmers are lazy).
Yes, I wanted to hide the .php extension in case any wandering evil-
doing should find a hole in my site.. until I get really good at
preventing any possible holes. I see facebook uses the .php extension
so I assume there is ultimately nothing to fear, but I'm a php newb.
Sorry if I sound rude, just quit smoking :)
Hey, nice going! Hang in there! :-)
-G
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php