.inc or .php

Anon

hi all,

what is the difference between including a .inc file and including a .php file? does it affect performance or something else? or can it be said that using .inc file is convention??

thanks.

Anon

Pure convention for documentary purposes; the idea being that it serves to identify to site maintainers and developers which files represent actual pages on the site and which contain included code snippets and libraries.

There is a security drawback to using an .inc extension, though.

It's unlikely the web server will have a special rule for dealing with a file ending with ".inc" if the browser requests one, the way it does for HTML, PHP or JPG files. So what the server would do is send the raw contents of the file - instead of executing it as PHP.

So if someone manages to discover (or guesses) that you have a file called, say, "database.inc", and asks for it, the server will serve up the source code. This would probably be a Bad Thing.

To prevent this, either reconfigure the server to interpret ".inc" files as PHP source, or (if you want to retain the documentary aspect), use ".inc.php" instead.

Anon

No difference.
It doesn´t affect performance.

I use .html for html
I use .php for php
I use .inc for configurations used in .php

Anon

In addition to Heyley's comments, you can also create a directory which is above your www directory. This would then be innaccessible to the public and you cna put all your .inc files there. This solves the security problem.