The problem isn't specifically with the use of .html, that was more from an ease of use stand point. The security is in the file upload; I've been shown the tutorial you used before by someone and if I remember correctly it didn't cover anything but mime types. I could easily spoof the mime type of a php file and upload it to appear as .dat, then run it as .php and do whatever I want to the site, change everything to child porn or making it crash your computer.
using a database is much better from a development stand point - what if you want to change the layout of the map page after 100 maps have been uploaded? - also from a search stand point AND tracking. It should be the obvious root :tongue.gif:
I just got an idea!! If this is used enough, there could be a weekly map server. Every week an uploaded map is chosen and then a server is set up. Everyone could play on that map for week, untill a new one is chosen. Maybe it could be an option when uploading. You can choose wether your map is allowed be chosen. That way it get chosen when the creator doesn't want it to.
Sorry if that didn't make any sense.
Rollback Post to RevisionRollBack
Blargha! Blargha! Blargha!
I wouldn't listen to a thing I say. I'm probably insane.