Server Setting or PHP Script

Conrad11

Conrad11

Conrad11

Soldato
Joined
12 Jun 2005
Posts
5,361
Hi there,

I am looking to see if there is a specific CHMOD or PHP setting so that a php page can't be opened (run) unless its included by another PHP page on the server.

Thanks.


EDIT:

Or would a token be sufficient?
 
When i do this I use a constant.

File:
Code: 
define("SECURE", TRUE);

Protected File:
Code: 
if (!defined("SECURE")) {
	die ("You cannot directly access this file"); 
}
 
Jaffa_Cake said:
When i do this I use a constant.

File:
Code: 
define("SECURE", TRUE);

Protected File:
Code: 
if (!defined("SECURE")) {
	die ("You cannot directly access this file"); 
}
Click to expand...

Surely doing this means I wouldn't be able to run it even if it was included?
 
Conrad11 said:
Surely doing this means I wouldn't be able to run it even if it was included?
Click to expand...

You declare the constant in your index file then when it includes the other file then the constant is defined in your scripts. Which means that if you put that If statement on your first line then the file can't be executed past that line unless the constant is defined from your index.
 
Jaffa_Cake said:
You declare the constant in your index file then when it includes the other file then the constant is defined in your scripts. Which means that if you put that If statement on your first line then the file can't be executed past that line unless the constant is defined from your index.
Click to expand...

Ah I see now....clever.

And I take it that there is no way to get past this?
 
Conrad11 said:
Ah I see now....clever.

And I take it that there is no way to get past this?
Click to expand...

It can only be accessed by files on the same file system which have declared the constant :) Nothing from other sites and no direct access
 
Last edited:
You must log in or register to reply here.
Back
Top Bottom