prevent specific page from direct Access

Question

I have a page that I don't want users to access directly for security reasons.

For example I have a page profile.php; I want when a user presses the button the profile page will open and if he wants to access page directly from url it will restrict him.

<?php define('SECURE_PAGE', true);include 'includes/page.php';?>

I have tried this but couldn't solve my issue

score 0 · Answer 1 · answered May 05 '20 at 13:31

0

You can simply return 403 status code under certain condition:

if ($something) {
    http_response_code(403);
    // optionally display nice 403 page with `include()` or just `echo`.
    exit;
}

answered May 05 '20 at 13:31

Robo Robok

21,132
17
68
126

When i put define a constant in index.php and acces it in profile.php it says undefined constant – husnain May 05 '20 at 14:47
Do you use any framework? The constant itself won't do anything. – Robo Robok May 05 '20 at 15:06
No, actually i am new to php – husnain May 05 '20 at 15:08
Take a look at that suggested answer above. It shows how to do it via .htaccess, however I think in most cases it should be done in the code. – Robo Robok May 05 '20 at 15:16

prevent specific page from direct Access

1 Answers1