Skip to main content

How to prevent people from accessing the include files directly on the browser in php

PHP Script to prevent people from accessing the include files directly on the browser

If a single file has to be included then here is the sample code

index.php  where the file is to be included
___________

//define a constant "CALL_FROM_MAIN" in the main file
    define('CALL_FROM_MAIN', TRUE);
    include('folder/footer.inc.php');


and the footer file (for example) looks this way then

footer.inc.php ( the file to be inluded )
___________

// in the include file code check whether the constant "CALL_FROM_MAIN"  is set

    defined('CALL_FROM_MAIN') or die('file not found');
    echo('My Blog is www.crozoom.com');


So when someone tries to access the footer.php file directly then will get the "file not found" messages written on the screen. An alternative option is to redirect the person who wants to access the file directly to a 404 error page or any other location, so instead of the above code you would have to write the following in the footer.inc.php file.

    defined('CALL_FROM_MAIN') or header('Location: http://www.your website.com');
    echo('My Blog is www.crozoom.com');


Error 404 redirection

Adding a 404 header will not give the user any clue that the include-file even exists !!!

You can also prevent the access of include file by using .htaccess file

<files \.inc$="" ~="">
Order allow,deny
Deny from all
Satisfy All
</files>
Labels:

Popular posts from this blog

How to delete videos from your Youtube Watch History list?

How to Delete Individual or all videos from your Youtube Watch History list? Youtube keeps a fine record of the videos that you had watched earlier. You can view this by visiting the History section. If you want to remove the video's from the list do the following: Logon to Youtube and click on the "History" tab on the left menu to view Watch History ( Read more ) There will be check boxes corresponding to each video in the list Tick the check boxes of the videos which you want to remove Click on " Remove " button to delete the videos.
Read more

ICICI prudential Customer portal updated - Option to change password is missing - Know how to change your ICICI prudential password

Recently I received an SMS from ICICI prudential asking for login to their website's customer portal using the phone number as user Id and an autogenerated one time password given in the message as password. The SMS messsage was like this. Dear ***Cust Name*** login to your policy(ies) on www.iciciprulife.com with your user id as **mobile number*** and One time use password as ***password***
Read more

What are the Income Tax Rates for Indian citizens for Financial Year 2017-2018?

Income Tax Slab and Rates given below are for Indian citizens of age less than 60. This rates are applicable for the Financial Year 2017-2018 Income Tax Slab Rates Financial Year 2017-2018 Assessment Year 2018-19 Income Tax Slab Rates SLAB 1 Individuals whose total income not exceeding Rs. 2,50,000 ( 2.5 lakhs ) They are exempted from paying income tax.
Read more


Urgent Openings for PHP trainees, Andriod / IOS developers and PHP developers in Kochi Trivandrum Calicut and Bangalore. Please Send Your updated resumes to recruit.vo@gmail.com   Read more »
Member
Search This Blog