Saurav Dwivedi Saurav Dwivedi - 6 months ago 12
PHP Question

Secure a php page from accessing it

I have an index.php page and I'm using

<?php include("default.php"); ?>


to get contents from default.php. Now i want that if someone directly opens default.php it becomes unaccessable or redirect it back to index.php page. How can i do it ?

Answer

@NiettheDarkAbsol's answer is the best one, but sometimes putting files outside of the public_html directory isn't an option. In this case you can add a check at the top of each file to make sure that it's opened by a valid file, not accessed directly. I do this by setting a constant at the top of files that can be accessed using define('IN_SITE', true, true); and then add the following to all pages not allowed to be accessed directly:

if ( ! defined('IN_SITE') )
    die('No direct access allowed!');
Comments