Re: [PHP] Setting permissions such that file can be included but not open directly
Kim Madsen wrote: -Original Message- From: Mike [mailto:[EMAIL PROTECTED] Sent: Friday, April 15, 2005 9:43 PM To: 'Dasmeet Singh'; php-general@lists.php.net Subject: RE: [PHP] Setting permissions such that file can be included but not open directly directly to private/includefile.php can run the script without authorising themselves... Is it possible to set folder permission such that files inside it cant be open directly but could be included? Can you just give read permissions -only- to the user that PHP runs as and not these other users? Just put these kinda directives outside webscope, I.E.: /home/USER/public_html/ /home/USER/private/ -- Med venlig hilsen / best regards ComX Networks A/S Kim Madsen Systemudvikler/Systemdeveloper Thanks that works as well :) - Free Website Promotion - A Complete Guide http://hostwindow.info/web-hosting/9/free-website-promotion/1/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Setting permissions such that file can be included but not open directly
> -Original Message- > From: Mike [mailto:[EMAIL PROTECTED] > Sent: Friday, April 15, 2005 9:43 PM > To: 'Dasmeet Singh'; php-general@lists.php.net > Subject: RE: [PHP] Setting permissions such that file can be included but > not open directly > > > directly to private/includefile.php can run the script > > without authorising themselves... > > > > Is it possible to set folder permission such that files > > inside it cant be open directly but could be included? > > Can you just give read permissions -only- to the user that PHP runs as and > not these other users? Just put these kinda directives outside webscope, I.E.: /home/USER/public_html/ /home/USER/private/ -- Med venlig hilsen / best regards ComX Networks A/S Kim Madsen Systemudvikler/Systemdeveloper -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Setting permissions such that file can be included but not open directly
I use a page to authorize a user and based on certain criterias (user group etc) include a file in another directory (named private)... Everything is working fine but the problem is anyone goign directly to private/includefile.php can run the script without authorising themselves... Is it possible to set folder permission such that files inside it cant be open directly but could be included? Configure apache to not allow access to the private directory... That will stop web browsers from getting there, but still allow your php script to include() a file within it. Something like the below if you're using apache. Other servers have similar functionality... Order deny,allow Deny from all -philip -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Setting permissions such that file can be included but not open directly
Dasmeet Singh wrote: Hi! I use a page to authorize a user and based on certain criterias (user group etc) include a file in another directory (named private)... Everything is working fine but the problem is anyone goign directly to private/includefile.php can run the script without authorising themselves... Is it possible to set folder permission such that files inside it cant be open directly but could be included? thanks in advance :) In private/.htaccess put: Order Deny,Allow Deny from all -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Setting permissions such that file can be included but not open directly
> directly to private/includefile.php can run the script > without authorising themselves... > > Is it possible to set folder permission such that files > inside it cant be open directly but could be included? Can you just give read permissions -only- to the user that PHP runs as and not these other users? -M -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Setting permissions such that file can be included but not open directly
Hi! I use a page to authorize a user and based on certain criterias (user group etc) include a file in another directory (named private)... Everything is working fine but the problem is anyone goign directly to private/includefile.php can run the script without authorising themselves... Is it possible to set folder permission such that files inside it cant be open directly but could be included? thanks in advance :) -- Free cPanel Web Hosting http://hostwindow.info/web-hosting/2/free-cpanel-web-hosting/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php