Should we put protection in the .inc files to ensure that no one ever
visits them directly (i.e., that they're only ever *included*, not
*browsed*)? I can imagine some bad side-effects if someone visits
some .inc file and it runs some arbitrary php code...
Anyone know how to do this, offhand? I'm pretty sure there is a way
(I have some dim recollection that this is possible, but I don't
remember any details...).