Or even better put them outside your www root. > -----Original Message----- > From: Erik Price [mailto:[EMAIL PROTECTED]] > Sent: Friday, February 01, 2002 4:19 PM > To: qartis > Cc: [EMAIL PROTECTED] > Subject: Re: [PHP] Making your include files invisible (header() in if > loop) > > > > On Thursday, January 31, 2002, at 11:50 PM, qartis wrote: > > > I wanted to hide the existance of my include files by making them > > 'invisible': give a 404 error when requested. This worked, > but the files > > that were including were obviously 404ing too. So I decided to use > > $PHP_SELF > > and check whether the script's PHP_SELF was it's filename, > which would > > mean > > that it was being accessed directly, as opposed to being included. > > Just don't name any of your real files "include"! If you > have access to > your web server, you can easily set a directive in httpd.conf > (assuming > you're using Apache) to deny any file serve request with the > following > line: > > <Files ~ "\.inc$"> > Order allow,deny > Deny from all > </Files> > > > > Erik > > > ---- > > Erik Price > Web Developer Temp > Media Lab, H.H. Brown > [EMAIL PROTECTED] > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > To contact the list administrators, e-mail: > [EMAIL PROTECTED] >
The information contained in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any form of disclosure, production, distribution or any action taken or refrained from in reliance on it, is prohibited and may be unlawful. Please notify the sender immediately. The content of the email is not legally binding unless confirmed by letter bearing two authorized signatures. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
