protect php includes (with htaccess?)

后端未结

关注

 5  1016

清酒与你 2020-12-18 12:38

First of all, I\'m pretty sure a similar question will be on Stack Overflow, but I didn\'t really find it. Probably because I am using the wrong keywords. So don\'t shoot me

5条回答

借酒劲吻你 (楼主)

2020-12-18 13:28
You do have the option of doing this without using .htaccess (not saying it's a better solution, just a different one).

In files you wish the user to access directly, put the following before any includes:
```
@define('IN_APPLICATION', true);
require 'file.class.php'; //sample include
```
Then in the includes (class files), put the following code right at the top:
```
if (!defined('IN_APPLICATION')){
    die(header('HTTP/1.0 404 Not Found')); //or just die();
}
```
This will ensure that the class files are only accessible when included by a file (front end) that defines IN_APPLICATION. You could alternatively just kill the class file with a die() by itself rather than faking a 404.
0 讨论(0)

查看其它5个回答
发布评论:

提交评论
- 加载中...