Which is safely
<?php include(TEMPLATEPATH.'/searchform.php')?> or
<?php include('searchform.php')?> ? The searchform.php is in the theme directory. Thanks a lot...
Which is safely of "<?php include();?> comment? (3 posts)
-
Aruz
Posted 3 years ago # -
chaoskaizer
Posted 3 years ago #safe would be like the following
<?php $search_form = TEMPLATEPATH.DIRECTORY_SEPARATOR.'searchform.php'; ?> <?php if (file_exists($search_form) include($search_form);?> -
Posted 3 years ago #Ok. Thanks. Default theme uses first code. Is this a risk?
How is there a security problem if I use <?php include('searchform.php')?>. What is the risk?
Topic Closed
This topic has been closed to new replies.
