This is both somekind of a tutorial and a request for feedback on this little, and incomplete, bootstrapping system. I'm not done yet. Will update once the project is more complete.
Basically, only static content and the "index.php" can be accessed publicly. The "hidden" folder is only accessed by the server.
EDIT: I've added a "tmp" folder to the "hidden" folder tostore session data and such, so as to make it safe even on shared hosting.
Thanks for your help, I'm quite new to the whole bootstrapping thing.
Well, actually, if the webhost has not thought about making one temps folder per user, users are able to access the session files of others with PHP. If they find out what site's are hosted on their server, they can then steal sessions and log in as someone they are not.
