PHP list file with exception

Question

I have made a PHP page which shows a list of files in one folder. Now that I don't want some one to access this folder directly, I plan to add a PHP script which redirects to index.php. Simply I don't want this file to appear in the list

Can I add exception to this extension only? or any better idea for that?

if ($handle = opendir('manual')) {
    while (false !== ($entry = readdir($handle))) {
           if ($entry != "." && $entry != "..") {
               echo "<a href='manual/$entry' target='_blank'>$entry</><br>";
           }
     }
     closedir($handle);
}

You can add a `.htaccess` rule inside the `manual` folder which will prevent access to that directory -- but then all your links the above code outputs will be broken. In which case, instead of referring to 'manual/$entry' call another file like `foo.php?file=$entry` which foo.php is responsible for getting the contents of `$entry`. This overall is really sloppy. — Kraang Prime, Jan 06 '17 at 01:57

N3R4ZZuRR0 · Accepted Answer · 2017-01-06T02:11:42.830

1

If you don't want your index.php file to be displayed in this list then simply use an if statement.

if ($handle = opendir('manual')) {
    while (false !== ($entry = readdir($handle))) {
           if ($entry != "." && $entry != "..") {
               if($entry!='index.php') // Go ahead only if the file is not index.php
                   echo "<a href='manual/$entry' target='_blank'>$entry</a><br>";
           }
     }
     closedir($handle);
}

And, if you want to hide all the php files, then you can use preg_match:

if ($handle = opendir('manual')) {
    while (false !== ($entry = readdir($handle))) {
           if ($entry != "." && $entry != "..") {
               if (!preg_match('/.php/', $entry)) // Go ahead only if the file is not having .php as it's extension
                   echo "<a href='manual/$entry' target='_blank'>$entry</a><br>";
           }
     }
     closedir($handle);
}

edited Jan 06 '17 at 02:11

answered Jan 06 '17 at 01:59

N3R4ZZuRR0

2,400
4
18
32

sure this work, but can i just like prevent all .php file to appear? – Andreas Chandra Gaozu Jan 06 '17 at 02:03
You could use `preg_match()`, or see http://stackoverflow.com/questions/173868/how-to-extract-a-file-extension-in-php to get the extension and compare that. – Barmar Jan 06 '17 at 02:04
yeah you can use `preg_match`. I have edited my answer accordingly. – N3R4ZZuRR0 Jan 06 '17 at 02:09

score 0 · Answer 2 · answered Jan 06 '17 at 02:26

0

you can simply use a flag variable to identify the status of visitor,if has no the variable,let he redirect. Usually we use session the global variable to do the work

answered Jan 06 '17 at 02:26

yuen

1
1

PHP list file with exception

2 Answers2