Hide a file on your server?
Moderator: General Moderators
-
mettlehead
- Forum Newbie
- Posts: 15
- Joined: Fri Oct 11, 2002 11:03 am
- Location: Canada
Hide a file on your server?
I have a php file that people at my work can access by typing the path (i.e. http://www.mypage/mtphp.php) I don't want another person on the web to guess it and get it right. Is there a way so they can not access it or should the name of the file just be to complex to guess?
-
mettlehead
- Forum Newbie
- Posts: 15
- Joined: Fri Oct 11, 2002 11:03 am
- Location: Canada
ok but
how do I do that , right now I tried this:
echo "<form name=\"Form\" action=\"enter()\" method=\"post\">\n";
echo "</textarea><br><br>\n";
echo "Password : <input type=\"text\" name=\"pass\" class=\"txtcolor\" value=\"$pass\"><br><br>\n";
echo "<input type=\"submit\" name=\"process\" value=\"Submit\" class=\"txtcolor\">\n";
echo "</form>\n";
And then I want to have a function called enter() which will check
if ($pass == "myPassword")
//do whatever
How do I call a php function from the action= on the form?
echo "<form name=\"Form\" action=\"enter()\" method=\"post\">\n";
echo "</textarea><br><br>\n";
echo "Password : <input type=\"text\" name=\"pass\" class=\"txtcolor\" value=\"$pass\"><br><br>\n";
echo "<input type=\"submit\" name=\"process\" value=\"Submit\" class=\"txtcolor\">\n";
echo "</form>\n";
And then I want to have a function called enter() which will check
if ($pass == "myPassword")
//do whatever
How do I call a php function from the action= on the form?
read Sticky: Before Post Read: Frames, JavaScript, and PHP Overview
you're not calling a php-function from a form, you're requesting a new document that is generated by a php-script
you're not calling a php-function from a form, you're requesting a new document that is generated by a php-script
- Heavy
- Forum Contributor
- Posts: 478
- Joined: Sun Sep 22, 2002 7:36 am
- Location: Viksjöfors, Hälsingland, Sweden
- Contact:
If you use Apache, you will be happy for this one 
Your page becomes invisible
Your page becomes invisible
Code: Select all
<?
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
if ($_GETї'user']!="TheRightUser" || $_GETї'pass']!="TheRightPassWord"){
?>
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
The requested URL <?=$_SERVERї'PHP_SELF']?> was not found on this server.<p>
<hr>
<address><?=$_SERVERї'SERVER_SIGNATURE']?></address>
</body></html>
<?
exit;
}
?>
<HTML>
<HEAD>
</HEAD>
<BODY>
whatever content you wish to hide.
<br><br><br>
To see this, the visitor has to add...<br><br>
?user=TheRightUser&pass=TheRightPassWord <br><br>
...to the URL, after the php file name.
// Dont include that їb]amp;ї/b] in the URL. It is the forum system that adds that. It should only be an ampersand alone, without їb]amp;ї/b].
</BODY>
</HTML>hidding the file
I agree that using .htaccess is probably the best way to go. I just tried something that might work as well if you don't want to provide passwords and the like.
If you are hosting on a unix machine put a period in front of the file name like
.somefile.php
which will cause the file to be hidden, and it shouldn't show up in a listing with 404 errors unless they are scanning for hidden files and besides who puts a period in front of a file name.
phpScott
slowly hidding from view.
If you are hosting on a unix machine put a period in front of the file name like
.somefile.php
which will cause the file to be hidden, and it shouldn't show up in a listing with 404 errors unless they are scanning for hidden files and besides who puts a period in front of a file name.
phpScott
slowly hidding from view.