Menu
I ask because it seems like the only thing ever called in a proper app index.php file is the require_once bootstrap file. I'm assuming this adds a layer of security but if not, this pattern seems pointless. Why not just use the index.php file as the bootstrap? Any opinions, cautions, thoughts etc. are appreciated!
(By the way, my htaccess file is routing all requests to the index.php file...)
300
There is no inherent security difference, no matter whether you have your bootstrapoing process in the index file or a separate one.
Having a separate file is usually due to organization concerns (e.g. to have a file that can be included from elsewhere to import your app's functions, or to put all the tasks in properly named files, or to make it especially easy to add custom extensions to the boot process).
However, configuration files containing sensitive information - sometimes, more rarely, even all PHP files at all except for the index file - will be placed outside the web root where possible. That will make a security difference in that PHP files can not be accessed from outside in case of an accidental server misconfiguration.
167
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
