I am using a common file called menubar.php which obviously shows menubar. I am using REQUIRE("menubar.php") in all the files which need menubar to be shown. The problem I am facing is I don't want the menubar to be displayed if I am accessing it through url ex. localhost/project/menubar.php.
Asked
Active
Viewed 36 times
0
alexander.polomodov
- 5,396
- 14
- 39
- 46
Piyush Patil
- 55
- 9
-
Do you want to browse this menubar.php file via url like localhost/project/menubar.php.? Or do you want to prevent to access this file via direct url? – Jino Shaji Sep 10 '17 at 05:55
-
Just store the file in a directory above your web root directory. – Joshua Jones Sep 10 '17 at 05:59
-
Sometimes you just have to know what to look for: https://stackoverflow.com/questions/2397004/php-check-if-a-file-is-loaded-directly-instead-of-including – Brian Gottier Sep 10 '17 at 06:12
-
2Possible duplicate of [Prevent direct access to a php include file](https://stackoverflow.com/questions/409496/prevent-direct-access-to-a-php-include-file) – Progrock Sep 10 '17 at 06:15
-
improve code output – alexander.polomodov Sep 10 '17 at 09:34
1 Answers
0
That is how I prevented direct access from URL to your menubar.php file. Paste the following code in .htaccess file inside the directory where 'menubar.php' file is located.
<Files ~ "menubar.php">
Order allow,deny
Deny from all
</Files>
It will prevent to access menubar.php file via url, but it can access inside your server language.
Jino Shaji
- 1,097
- 14
- 27
-
There is no guarantee this is an Apache type server, or that the server config will allow this. – Brian Gottier Sep 10 '17 at 06:08
-
1thanks for the suggestion jino shaji. What I did instead was used session. In menubar.php i am using a session variable but I did not write session_start(). I write session_start where i need the menubar then require 'menubar.php'. This way the menubar.php only executes when it was called by a php page having session_start() – Piyush Patil Sep 10 '17 at 10:40