Wish it was that easy, better upgrading to the latest contribs? I your just worried about somebody hacking your php web site via cross scripting, etc do this. Make a .htaccess file with this inside:
<filesmatch "\.php$">
deny from all
</filesmatch>
copy this fille to all your sub directory's. This only allows *.php files to be called locally