accessing a php webpage that is stored outside the public ar

A

Anonymous

Guest
You could do something like setting a session variable on the page you're linking from, and checking for it at the top of your php page. If it's not set, you send a header to point the user back somewhere else. Then you unset it if you don't want the user to be able to come right back to that page in the same session.

Code: 
session_start(); 
if (empty($_SESSION['referrer']))
{header("Location: index.php");
			exit();}
unset($_SESSION['referrer']);
 
Hi,
You could also, as you suggest, store the 'private' pages outside the public area. Public pages can still read the private pages (subject to permissions, of course). A simple way to read them is with include() or require_once().

In fact, if you have include files then it is generally a good idea for security to store them outside of the public area so they cannot be executed directly by users. A private area also helps keep sensitive information like database passwords secure, because sometimes web server decide to serve your PHP source rather than the results of execution.

-A
 
You must log in or register to reply here.
Back
Top