Some rules for PHP

Set register_globals = off (Y!PHP has disabled register_globals, if you use Y!PHP you don’t need to consider this setting)
Set error_reporting = E_ALL (Y!PHP’s default setting), and correct all The error and warning
place the actual operations in the referenced file. Place referenced files in a directory that cannot be browsed directly