Keeping On-Rev Scripts and Data From Prying Eyes

Richard Gaskin ambassador at
Wed Aug 4 20:06:51 EDT 2010

Gregory Lypny wrote:

 > I'm tinkering with my first web deployment at On-Rev, and calling 
scripts using
 > <?rev include scriptname.irev ?>
 > My question is, can users simply type something into the url field
 > of their browser and view an entire text file from the public_html
 > folder?  If so, where should I be keeping or handling databases
 > that need restricted read and write access?  Likewise for scripts?

Dave Cragg to the rescue:

He's long advocated taking anything that isn't for public consumption 
out of the public_html folder and referencing it in its new location one 
folder up.

So if your directory structure looks like this:

       scriptname.irev could switch it to:


...and in your mypage.irev you'd change the reference to scriptname.irev to:

<?rev include ../scriptname.irev ?>

Like Mr. Cragg says, it's the difference between quiche and egg pie. ;)

  Richard Gaskin
  Fourth World
  Rev training and consulting:
  Webzine for Rev developers:
  revJournal blog:

More information about the Use-livecode mailing list