You are here: Re: [PHP] Setting permissions such that file can be included but not open directly « PHP « IT news, forums, messages
Re: [PHP] Setting permissions such that file can be included but not open directly

Posted by Philip Hallstrom on 10/07/17 11:14

> I use a page to authorize a user and based on certain criterias (user group
> etc) include a file in another directory (named private)... Everything is
> working fine but the problem is anyone goign directly to
> private/includefile.php can run the script without authorising themselves...
>
> Is it possible to set folder permission such that files inside it cant be
> open directly but could be included?
>

Configure apache to not allow access to the private directory... That will
stop web browsers from getting there, but still allow your php script to
include() a file within it.

Something like the below if you're using apache. Other servers have
similar functionality...

<Location /url/to/private/directory>
Order deny,allow
Deny from all
</Location>

-philip

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация