protection
Moderator: General Moderators
protection
Hello Everyone,
I have a webserver which runs php scripts. I wanted a php script that would ask user some details and put them in a file. This should be done in such a way that the file cannot be downloaded or opened by any outsider. So i thought of putting them in a protected folder but how will php access contents of that folder. I dont know how will php access a file of a protected folder. I you know tell me plz.
If you have any other idea as to how to go about it please help me.
Note: I dont want to encrypt file.
Thanks,
Saurabh
I have a webserver which runs php scripts. I wanted a php script that would ask user some details and put them in a file. This should be done in such a way that the file cannot be downloaded or opened by any outsider. So i thought of putting them in a protected folder but how will php access contents of that folder. I dont know how will php access a file of a protected folder. I you know tell me plz.
If you have any other idea as to how to go about it please help me.
Note: I dont want to encrypt file.
Thanks,
Saurabh
protection
Hello,e+ wrote:you can use htaccess to restrict access to the folder to localhost that way scripts on the server can access it but outsiders can't.
Can you tell me how to use htaccess thru php or whatever so that i can restrict access to folder on server and its contents can be processed and outsiders cant access it.
Thanks a lot.
Saurabh
re: protection
Hello,
I dont want to use a database.
I wanted to know how thru httpaccess i can access a protected folder thru php and outsiders cant download or view files in that folder.
Please help me.
Thanks,
Saurabh
I dont want to use a database.
I wanted to know how thru httpaccess i can access a protected folder thru php and outsiders cant download or view files in that folder.
Please help me.
Thanks,
Saurabh
put in your .htaccess file something like this

I don't think you need the http://www.mysite bit but I can't see it doing any harm. If you trust particular sites you can add them here as well.Options All
<Limit GET>
order deny,allow
deny from all
allow from http://www.mysite.com
allow from localhost
</Limit>
- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
Another option might be to store the files in a folder which is below the root of your webdirectory. For example if your webpages were in mysite/public_html create a folder in mysite called secret_files so your file structure would look something like:
You'll then be able to access the files in the new folder in your code but users won't be able to get at them (easily).
Mac
Code: Select all
mysite
|____ public_html
| -> website files...
|____ secret_files
-> files which shouldn't be accessible on the websiteMac
re: protection
Hi pal,
you had suggest to use the <Limit Get> code for website so that outsiders cant access the contents. Thought it proved fine but it now dosent open other gif files or other php files in that folder.
In htaccess file i pasted code you gave me. So now it opens 1 php file there but nor it opens any gif file nor any other file.
Please help.
Thanks,
Saurabh
you had suggest to use the <Limit Get> code for website so that outsiders cant access the contents. Thought it proved fine but it now dosent open other gif files or other php files in that folder.
In htaccess file i pasted code you gave me. So now it opens 1 php file there but nor it opens any gif file nor any other file.
Please help.
Thanks,
Saurabh
e+ wrote:put in your .htaccess file something like thisI don't think you need the http://www.mysite bit but I can't see it doing any harm. If you trust particular sites you can add them here as well.Options All
<Limit GET>
order deny,allow
deny from all
allow from http://www.mysite.com
allow from localhost
</Limit>
Hi,
the following code in htaccess file thought proved fine but now it dosent allow me to run more than 1 php file or in html pages it dosent open gif images.
I have a php file that opens another php file in same folder but then it says forbidden etc. gif files also dont open. plz help.
Thanks,
Saurabh
Options All
<Limit GET>
order deny,allow
deny from all
allow from http://www.mysite.com
allow from localhost
</Limit>
the following code in htaccess file thought proved fine but now it dosent allow me to run more than 1 php file or in html pages it dosent open gif images.
I have a php file that opens another php file in same folder but then it says forbidden etc. gif files also dont open. plz help.
Thanks,
Saurabh
Options All
<Limit GET>
order deny,allow
deny from all
allow from http://www.mysite.com
allow from localhost
</Limit>
re: protection
Hi,e+ wrote:the easiest thing to do would be to seperate the secure stuff of into a folder called secure and lock that up. Is it not possible to set your code up in this way?
Pal creating a folder and locking that folder is what i wanted. I have a folder and in that i have the files that no one should access. but i have php scripts in that folder also that access that files. what should i write in php script outside that folder which will run php scripts inside the protected folder and do processing.
i am thankful for your help.
If you can help me.
Thanks,
Saurabh
re:_protetion
Hi,
Pal creating a folder and locking that folder is what i wanted. I have a folder and in that i have the files that no one should access. but i have php scripts in that folder also that access that files. what should i write in php script outside that folder which will run php scripts inside the protected folder and do processing.
i am thankful for your help.
If you can help me.
Thanks,
Saurabh
Pal creating a folder and locking that folder is what i wanted. I have a folder and in that i have the files that no one should access. but i have php scripts in that folder also that access that files. what should i write in php script outside that folder which will run php scripts inside the protected folder and do processing.
i am thankful for your help.
If you can help me.
Thanks,
Saurabh
I'm getting a bit confused here but I'll have another guess at what you are wanting. By saying you have a file you are wanting to secure I am guessing it's a flat file or something with some information in you don't want people to access (such as user details etc). These files should be placed inside the secure folder and given full read write access. The php and gif files should all be outside the folder. People can't access the source of your php as the server will always parse them so as long as the php isn't set to output anything secret when you run it you are safe. Now you want to run the php as you would normally but have it call the flat files from the secure folder. It should be safe to read and write to them as it is running as localhost. This is no good for securing image files as they will be called by the users browser and not your php script (which only links to them). If you want to keep images secure (which is pretty much impossible) this isn't the method to use. Am I going in the right direction? 
Hi ,e+ wrote:I'm getting a bit confused here but I'll have another guess at what you are wanting. By saying you have a file you are wanting to secure I am guessing it's a flat file or something with some information in you don't want people to access (such as user details etc). These files should be placed inside the secure folder and given full read write access. The php and gif files should all be outside the folder. People can't access the source of your php as the server will always parse them so as long as the php isn't set to output anything secret when you run it you are safe. Now you want to run the php as you would normally but have it call the flat files from the secure folder. It should be safe to read and write to them as it is running as localhost. This is no good for securing image files as they will be called by the users browser and not your php script (which only links to them). If you want to keep images secure (which is pretty much impossible) this isn't the method to use. Am I going in the right direction?
Well you are right. I want a php script to modify a file (flat file) with user details. I want to keep that file in a secured folder so that anyone else dosent download or view that file. So how do i write a make script access a file that is protected. i thought of putting the scripts also in protected folder. but that not that important right now.
So can you tell me how do i make script access a file that is in a protected folder.
Thanks a lot for help.
Saurabh
If you are having trouble writing to the flatfile you might want to check the CHMOD of the file you will probably need to set it to 777. This is normally a bad thing to do but if the file is protected by being in a secure directory you should be ok. Once you have changed the CHMOD you should be able to access the file with scripts on your server without any difficulty.