GetSimple Support Forum

hi! i have a question, i create plugin and put data to .txt from php like http://get-simple.info/wiki/plugins:creation. This is safety for users?off course i use  file is 755 chmod.

It's not. You need to restrict direct access to the file and manage your data server-side via php, for example.

(2019-02-18, 23:30:23)Bigin Wrote: [ -> ]It's not. You need to restrict direct access to the file and manage your data server-side via php, for example.

Off course i use file_put_contents for save and for read file_get_content in my php

It doesn't matter. Depending on where the file is located, you may still be able to access the file directly via the URL.

(2019-02-18, 23:43:15)Bigin Wrote: [ -> ]It doesn't matter. Depending on where the file is located, you may still be able to access the file directly via the URL.

hmmm .htaccess Deny from all fix this?

It's a way, yes

(2019-02-18, 23:52:51)Bigin Wrote: [ -> ]It's a way, yes

Thx i check this!

(2019-02-18, 23:52:51)Bigin Wrote: [ -> ]It's a way, yes

No way, htaccess doen't open for settings. but i think is not very important. I think anyone without user change this .txt? Only visible this when have url this file?