|
Posted by Alan Little on 10/01/93 11:47
Carved in mystic runes upon the very living rock, the last words of
Chung Leong of comp.lang.php make plain:
> Alan Little wrote:
>> A couple of examples:
>>
>> 1. Phorm plugins use it to ensure they're being called from Phorm.
>> I encourage users to secure their plugins directory with .htaccess
>> or equivalent for their server, but users don't always do as
>> they're encouraged. The idea is to prevent
>>
>> http://www.example.com/phorm/plugins/someplugin.php
>
> <?php include("my_usual_rant_about_using_includes_as_functions.php");
> ?>
I'm not sure how this applies to plugins (then again, I'm not familiar
with your usual rant about using includes as functions :)
> I don't really get why it's necessary to use PHP_SELF for this
> suppose. Surely it's easier to do a define('IN_PHORM', 1) and then
> check for the presence of the constant. Even easier is to have all
> these plug-ins of yours call a function within Phorm. If the script is
> accessed directly, it automatically blows up.
I hadn't thought of those methods, both excellent. Thank you.
>> 2. I have a homebrew template processor I use in all my applications.
>> The calling script can, of course, specify the template, but if it
>> doesn't, the default is (for example) example.html if called from
>> example.php. Using $PHP_SELF works fine for me, but I've been
>> thinking of making it generally available.
>
> Still, you don't really need to know the actually URI.
True -- see my other post from yesterday.
> All you need is the filename, which you can obtain reliably through
> debug_backtrace().
I wasn't aware of this function. Thanks again.
--
Alan Little
Phorm PHP Form Processor
http://www.phorm.com/
Navigation:
[Reply to this message]
|