Re: php and xml security
by Andreas Otto <andreas(at)noho.co.uk>
|
| Date: |
Tue, 20 Mar 2001 09:25:58 +0000 |
| To: |
hwg-xml(at)hwg.org |
| References: |
communique |
| |
todo: View
Thread,
Original
|
|
Hi Oscar,
Tuesday, March 20, 2001, 8:20:53 AM, you wrote:
> Hi,
> I'm working on a php-site that will take info from a xml-file and then
> serve just parts of that information. The thing is that I don't want the
> users to be able to reach the xml-file, only the php-files that serve
> info from the xml-file. Any ideas on how I can accomplish this? I'm no
> guru on php-security. I don't want to use a database, since the
> information is very "irregular".
Put the xml files outside the document root of your webserver.
> My second question is regarding generating xml-files with php. I have
> tried to generate SVG-files with php. The code is correct, but the
> browser doesn't want to believe it is a SVG-file.
Did you send the right header? The default mime type for php output is
text/html. For everything else you have to set the header e. g.
Header ("Content-type: image/png");
Kind regards,
Andreas
--
Andreas Otto
OgilvyInteractive | Floor 2, Canberra House
315 - 317 Regent Street | London W1B 2HS
Reception +44 207 299 3434 | Fax +44 207 631 5050
http://www.ogilvy.com
HWG hwg-xml mailing list archives,
maintained by Webmasters