I have been told that for security reasons all PHP data handling files should be located outside of the website root directory. I have a website hosted in IIS 10 with the includes folder outside the root. Something like this:- website: C:inetpubwwwrootindex.php and PHP files C:includessubmit.inc.php This is o…