I'm just curious as to why the Include (and Require) function isn't allowed in V1 of the free website hosting plan. Is there some security issue that I should be aware of before even applying for a V2 account?
In my experience, Include and Require are almost staples that a website design is lacking without them. They allow centralized routines to be called, off a single consistent CSS file to be used, and are key to consistent Header/Footer displays. So I'm confused by when they say, "If you do not make a reasonable argument to switch versions, your request will be denied."
I can certainly understand how it could be used to hack a website if some unvalidated input from a form is used to directly call an include file but that seems more an indirect result of missing form validation requirements and not a direct threat posed by the Include function.
If any of you has already made a request for the Intermediate PHP Configuration that has been accepted, could you perhaps offer your input on what was and wasn't acceptable reasons for the relaxed security?
If these reasons in the second paragraph sound alright to the rest of you then I'll just submit a request and see what happens.
Thanks,
Jeff
In my experience, Include and Require are almost staples that a website design is lacking without them. They allow centralized routines to be called, off a single consistent CSS file to be used, and are key to consistent Header/Footer displays. So I'm confused by when they say, "If you do not make a reasonable argument to switch versions, your request will be denied."
I can certainly understand how it could be used to hack a website if some unvalidated input from a form is used to directly call an include file but that seems more an indirect result of missing form validation requirements and not a direct threat posed by the Include function.
If any of you has already made a request for the Intermediate PHP Configuration that has been accepted, could you perhaps offer your input on what was and wasn't acceptable reasons for the relaxed security?
If these reasons in the second paragraph sound alright to the rest of you then I'll just submit a request and see what happens.
Thanks,
Jeff
