Security of Remote Include()
Posted on 2004-10-14
I have a class in PHP5 that will be included on many people's websites. I have properly coded the private and public functions/variables so they will not be able to access the variables.
I was wondering what security risks I should be concerned with, with remote including. I am not asking for the obvious such as using exec() on a variable that could be overwritten.
I will essentially be licensing once this hits 1.0 so I will be including a licensing feature within it, I have never heard of someone licensing via remote include so I do not know if this is safe or not.
Don't comment if you don't know that remote inlcudes evaluate on the remote server.