yep, u usually want ur CSV files protected from web access.Should I bring the location of this file up to /var/formdata.csv for added security? And at that point, would it really matter what the permissions were?
the permissions need to be rw-rw-rw- so the user that runs the web server software (apache) can write to the file - coz that's what the user is who runs ur formmail.php
probly the sameMy server has directories /var/www/public_html so i thought /var/www would be inaccessible from a browser, but maybe it is not.
i can't think of any reason u need to protect ur templates.The same question applies to my HTML template. It is located in
Why do we need to hide the template? What security issues are presented if the template is not above public_html?