Posted by Marek Kilimajer on 10/01/89 11:14
Dasmeet Singh wrote:
> Hi!
> I use a page to authorize a user and based on certain criterias (user
> group etc) include a file in another directory (named private)...
> Everything is working fine but the problem is anyone goign directly to
> private/includefile.php can run the script without authorising
> themselves...
>
> Is it possible to set folder permission such that files inside it cant
> be open directly but could be included?
>
> thanks in advance :)
>
>
In private/.htaccess put:
Order Deny,Allow
Deny from all
Navigation:
[Reply to this message]
|