On Thursday, January 31, 2002, at 11:50  PM, qartis wrote:

> I wanted to hide the existance of my include files by making them
> 'invisible': give a 404 error when requested. This worked, but the files
> that were including were obviously 404ing too. So I decided to use 
> and check whether the script's PHP_SELF was it's filename, which would 
> mean
> that it was being accessed directly, as opposed to being included.

Just don't name any of your real files "include"!  If you have access to 
your web server, you can easily set a directive in httpd.conf (assuming 
you're using Apache) to deny any file serve request with the following 

<Files ~ "\.inc$">
    Order allow,deny
    Deny from all



Erik Price
Web Developer Temp
Media Lab, H.H. Brown

PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to