My experience with PHP is mostly on a local machine... I am doing a website right now though and i want to use .php to dynamically generate the content. My webhosting company auto only allows scripts to run in /cgi. When I called support they told me where to go to allow scripts to run in all directories, and she told me that I would need to enable that to do what I'm trying to do. My question is this: Is there a security risk for allowing all directories to run PHP? The support woman said no. But I dont know how much I believe that. lol
There shouldn't be. You want php running in all directories I think - one small risk is exposing the php code to visitors - making .php files executable ensures they never see the code.