Skip to main content

How to prevent people from accessing the include files directly on the browser in php

PHP Script to prevent people from accessing the include files directly on the browser

If a single file has to be included then here is the sample code

index.php  where the file is to be included
___________

//define a constant "CALL_FROM_MAIN" in the main file
    define('CALL_FROM_MAIN', TRUE);
    include('folder/footer.inc.php');


and the footer file (for example) looks this way then

footer.inc.php ( the file to be inluded )
___________

// in the include file code check whether the constant "CALL_FROM_MAIN"  is set

    defined('CALL_FROM_MAIN') or die('file not found');
    echo('My Blog is www.crozoom.com');


So when someone tries to access the footer.php file directly then will get the "file not found" messages written on the screen. An alternative option is to redirect the person who wants to access the file directly to a 404 error page or any other location, so instead of the above code you would have to write the following in the footer.inc.php file.

    defined('CALL_FROM_MAIN') or header('Location: http://www.your website.com');
    echo('My Blog is www.crozoom.com');


Error 404 redirection

Adding a 404 header will not give the user any clue that the include-file even exists !!!

You can also prevent the access of include file by using .htaccess file

<files \.inc$="" ~="">
Order allow,deny
Deny from all
Satisfy All
</files>

Popular posts from this blog

Payback Points - How to redeem - How to merge multiple payback accounts - Block Payback card - Payback customer care

How to apply for a new ration card and what are the documents required?

List of documents required for new ration card application in Kerala and how to apply


Application for a new ration card should be addressed to Taluk Supply Officer (TSO) / City Rationing Officer (CRO) of applicant's residing area.

Primary document required are Residence certificate, Income certificate and incase the applicant's name is in another ration card then he/she should submit the reduction certificate ontained from previous TSO / CRO as proof for removing his/her name from old Ration card.

You can get the new application from your currently residing Taluk Supply Office.

Your SBI Debit card ending with XX0000 is deactivated only for Internet txn.

SBI account holders may have received an SMS with following message, supposed to be from State Bank of India (SBI).

Your SBI Debit card ending with XX0000  is deactivated only for Internet txn. To activate send SMS "SWON ECOM 0000" to 09223966666. No change for ATM/POS usage
** Replace the four Zeros with last 4 digits of your debit card number

Recently many of the SBI account holder has losed their money due to a hi-tech ATM robbery which happened in Thiruvananthapuram, capital city of Kerala.


Urgent Openings for PHP trainees, Andriod / IOS developers and PHP developers in Kochi Trivandrum Calicut and Bangalore. Please Send Your updated resumes to recruit.vo@gmail.com   Read more »
Member
Search This Blog