Well I really don’t need an php intensive ANYTHING on my website, so don’t criticize me for my rather simple script :(.

I have this running in my "index.php" file:

Code:
<?php

include(’overall_header.html’);
include(’index.html’);
include(’overall_footer.html’);

?>

I use it to separate my documents appropriately, in case a change is necessary.

For example: Lets say I made a spelling error in the header, and i have 1000 pages in HTML. I would have to go to each of those files and fix the error. However with this, i would just have to modify overall_header.html.

Each file i want will create will have the overall_footer.html and overall_header.html, and only a different body file.

I hope this is making sense.

The Question
I know that there is no risk of running pure html files. No places to be hacked or have things injected, and you are generally safe. I also know that php can be a little tougher to secure.

I was wondering if those include commands could be exploited in anyway?