One important note as a security concern is any .php
file in the skin/
folder will not get executed.
# Always send 404 on missing files in these folders
RewriteCond %{REQUEST_URI} !^/(media|skin|js)/
This is the rule you will find in the .htaccess
file of Magento.
Therefore, PHP files that are to be executed shouldn't reside within the skin/
folder.