Keeping On-Rev Scripts and Data From Prying Eyes
gregory.lypny at videotron.ca
Wed Aug 4 19:55:13 EDT 2010
I'm tinkering with my first web deployment at On-Rev, and calling scripts using
<?rev include scriptname.irev ?>
embedded in HTML text objects on web pages. These scripts and various text databases reside in the folder named public_html, which I understand is accessible by everyone. I need users to be able to read selected records from the databases and add records to them, for example, sign-up information or data pertaining to an experiment, but otherwise, I want their access to be restricted to requests made through my web forms. My question is, can users simply type something into the url field of their browser and view an entire text file from the public_html folder? If so, where should I be keeping or handling databases that need restricted read and write access? Likewise for scripts?
More information about the Use-livecode