How bout an Apache redirect for .inc files to go to denied.htm or something? PHP scripts could get to them, but they wouldn't be accessible via http. At 08:01 PM 3/3/01 +0100, [EMAIL PROTECTED] wrote: >Hi! > >as I wrote in my mail: >1. >I won't name them ".inc" but ".inc.php" (so *I* know, it's an include file) >2. >I don't even want them to be executable!!! > >and therefore my question was, if this (on top of every include-file) would >be safe enough: >>> if (substr($SCRIPT_URL,-8)==".inc.php") exit; >$PHP_SELF better than $SCRIPT_URL in line above??? > >thanks >michi > >> Include files do not have to end with '.inc', which is purely a convention >> of dubious value. If you use '.php' as the extension for included files, >> they will have to be parsed by PHP and can't be read as plain text from >> outside. >> >> > Hi! >> > >> > I want my include-files not be seen from outside AND not be executed!!! >> > I don't have access to a directory outside DOCUMENT_ROOT and I don't >> have >> > .htaccess!!! >> > >> > I think about something like: >> > 1. >> > name: <file>.inc.php >> > 2. >> > add code: >> > if ($PHP_SELF==MY_NAME) exit; >> > as first line in the inluded script. >> > so, if the script is being included from another script, the code will >> be >> > executed - but if the file will be called directly, no code is executed! >> > BUT - how do I get the include-file's name? >> > >> > or is it safe enough, to use something like >> > if (substr($SCRIPT_URL,-8)==".inc.php") exit; > >-- >Sent through GMX FreeMail - http://www.gmx.net > >-- >PHP General Mailing List (http://www.php.net/) >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] >To contact the list administrators, e-mail: [EMAIL PROTECTED] > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Hide Include-Files from the Web
Richard Kitamura - Media Net Link, Inc. Mon, 05 Mar 2001 11:37:07 -0800
- [PHP] Hide Include-Files from the ... mailing_list
- Re: [PHP] Hide Include-Files ... Michael Hall
- Re: [PHP] Hide Include-Fi... mailing_list
- Re: [PHP] Hide Includ... Richard Kitamura - Media Net Link, Inc.
- Re: [PHP] Hide In... mailing_list
- [PHP] (URL Translating) Apach... Jenni &/or Patrick
- Re: [PHP] (URL Translatin... Yasuo Ohgaki
- Re: [PHP] (URL Translatin... Aaron Tuller
- [PHP] bug tracking so... Peter Van Dijck
- Re: [PHP] bug tra... Rick St Jean
- Re: [PHP] Hide Include-Files ... Yasuo Ohgaki
- Re: [PHP] Hide Include-Fi... mailing_list
