I want to add some security to my script by making sure that files that are only to be used as includes can only be accessed when included. Could someone point me in the right direction on this?
Matt
The way I do that is by keeping the include files outside of the ~/htdocs path...
in each include file you could have:
if( !strstr($_SERVER['PHP_SELF'], 'filename.php') ){ die('Sorry but you can't access this page'); }
substitute filename.php for the file they are being included into 🙂
Big Thanks Mega 🙂
Originally posted by Mega in each include file you could have: if( !strstr($_SERVER['PHP_SELF'], 'filename.php') ){ die('Sorry but you can't access this page'); } substitute filename.php for the file they are being included into 🙂 [/B]
Originally posted by Mega in each include file you could have:
substitute filename.php for the file they are being included into 🙂 [/B]
You should get a parse error what that.. can't needs to be can/'t.
Originally posted by thefury You should get a parse error what that.. can't needs to be can/'t.
actually it needs to be can\'t lol 😉
i think u can let me off this once
🙂
