Page 1 of 1

file access

Posted: Mon Jul 11, 2005 10:26 am
by SidewinderX
sweet, my script finally works with no errors! But now that the script is done i would like to fix some security issues. My first question is how do i restrict access to a file? for example config.php. Although the only data in there is stored as variables I would like it so if someone points to the file they get a message like "Sorry, You cannot access this file directley."

Posted: Mon Jul 11, 2005 10:55 am
by John Cartwright
what I do on my sites is

Code: Select all

define('IN_SITE',true);
include('config.php');

Code: Select all

if !defined('IN_SITE') {
  exit('You cannot access this file directly');
}

Posted: Mon Jul 11, 2005 11:44 am
by timvw
I place them outside the pubwww directory.