Hi there,
I have a folder called includes/, and I was wondering what the best way to block viewers to access/view the files in the include folder.
Everyone should be able to see: index.php?page=videos (where includes/videos.php is being included)
No one should be able to see includes/videos.php
I'm sorry if it's hard to understand my explanation :p
include files
Moderator: General Moderators
Re: include files
For best results, if you are using Apache, disable viewing indexes of Directories.
For just one directory though, you can put a blank index.html file in that directory.
Then, in case they somehow know the names of the .php files, since they are all designed to be included by another PHP script, check for a constant to be defined by the main program (index.php):
Then, at the top of every file that is included, and not meant to be called by itself, do the following:
-Greg
For just one directory though, you can put a blank index.html file in that directory.
Then, in case they somehow know the names of the .php files, since they are all designed to be included by another PHP script, check for a constant to be defined by the main program (index.php):
Code: Select all
define('SYSTEM_BASE',TRUE);Code: Select all
if (!defined('SYSTEM_BASE')) die ('Invalid direct call to file');
Last edited by twinedev on Tue Sep 28, 2010 7:25 pm, edited 1 time in total.
Re: include files
Nice, I tried the define() snippet, and it works great - thanks! 