Reply to Re: [PHP] Setting permissions such that file can be included but not open directly — PHP

Posted by Philip Hallstrom on 11/11/17 11:14

> I use a page to authorize a user and based on certain criterias (user group
> etc) include a file in another directory (named private)... Everything is
> working fine but the problem is anyone goign directly to
> private/includefile.php can run the script without authorising themselves...
>
> Is it possible to set folder permission such that files inside it cant be
> open directly but could be included?
>

Configure apache to not allow access to the private directory... That will
stop web browsers from getting there, but still allow your php script to
include() a file within it.

Something like the below if you're using apache. Other servers have
similar functionality...

<Location /url/to/private/directory>
Order deny,allow
Deny from all
</Location>

-philip

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация