2

My website build from many pages , those pages split to two categories , one the "html" files and the "core" files which contain the functions and the server-side code that the "html" file need , their both PHP files.

There is situation that the "core" files can be requested not from the "html" files and i want to block this.

i want that the "core" files will be only able to open only if the "html" files requested them , else it will show the 404 error , is that possible?

note*: i said earlier , the "html" and the "core" files are both PHP files.

thank you in advance!

Improve this question
2
  • This is actually a server setting, not really a PHP question. Might want to take it to a different StackExchange site Commented Jan 18, 2012 at 20:36
  • i actually know nothing in servers , i'm interesting to do this in php if it can be. Commented Jan 18, 2012 at 20:37

3 Answers 3

Reset to default
3

Make an validation code in your Core.

Somehting like, validate a constant "html", if it's defined, then run the code, if not, then throw 404 error.

https://www.php.net/manual/pt_BR/function.constant.php

Other way is to block using htaccess if you are using apache server.

HTML (php file)

define('HTML');

Core (php file)

if(!defined('HTML')) { /* Display 404 error */ }
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

You could use an .htaccess to restrict access to the files in question.

eg. If the "core files" have a .php extension while all the others have .html you could add to .htaccess something like:

<Files ~ "\.php$">
Order allow,deny
Deny from all
</Files>

Or if all of your "core files" are in a directory you could limit access by entering

<Directory ~ "\core">
Order allow,deny
Deny from all
</Directory>

Remember to have AllowOveride All in order for apache to use the .htaccess you have specified.

Improve this answer

2 Comments

as i said in the post , they are both PHP files , it called "html" files because they contain html code. i will consider my options and if i have none in php i will go for htaccess , thank you for the quick replay.
@MorSela Sorry I've missed that! :) You could rename your core files to .inc.php and apply limitation as specified above or move them to a separate directory and limit that. The concept of the definition mentioned by GabrielGartz is also a viable solution
1

You either control it through server settings or better move them out of your document root.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.