Folder Permission on Linux: only allow my PHP script access?

[Anonymous]

I made a simple (unsecure, I know), php script to handle a few password protected pages on my site. All of the links to the secure pages pass a variable to the script that then gets the requested file's content from a sub folder and shows it (if they enter the correct password).

My question is this. Can I set the permission (linux server) on the subfolder so that only my local script can access the files inside (but web site visitors can't just type in the address to a file in that folder)?

Thanks in advance.

 

[Anonymous]

Here is what you can to. Make a directory in your account that is not world readable. Typically in your root dir under the public_html dir. Just have your script read in the information from that dir.

You cannot change the permissions on the file because your webserver user that the index.php is executed as would not beable to read in the file.

You could use .htaccess on the subfolder. it would bring up a username and password dialog if the user directly access the file.

 

[Anonymous]

Why not use php sessions??