Hiding a PHP include from users

30Mar08

If you have a PHP application with a few include files, chances are you don’t want your users to navigate to them, by mistake or otherwise. So here’s a tiny script that checks if a user is looking at the include file by itself and redirects them to the proper place:

if(preg_match(”/includename/”,$_SERVER['PHP_SELF'])){
header(”Location:properlocation.php”);}

You don’t need to put \.php after includename, either, which makes this work on aliased extensions. A note: this is an adequate solution only for files that don’t contain sensitive data (such as passwords) that can’t be put in a directory above root. Enjoy!

Filed under: Uncategorized | 2 Comments
Tags: hide, include, php, redirect, users

2 Responses to “Hiding a PHP include from users”

Feed for this Entry Trackback Address

1 Antonio on May 28, 2008 said:

Not bad! But what about sending 404 error?
2 modulatum on May 28, 2008 said:

You mean when the user goes onto the “hidden” php file? In that case, just use the above, and replace the properlocation.php with your own 404.html. Remember to put this at the top of your script, otherwise you’ll get an error.

Archives
del.icio.us
Blog Stats
- 18,904 hits
Tags
ajax apache apreq2 apreq_module argument c ch chicago complexity conversation debate ethos facebook gtk gtkradiant javascript jealousy jquery json lg logic maps mod_neko mod_wxjs motorola neko nekotools openarena pathos phone php post rational rationalism razr rss scriptaculous shine ssjs taxi web wxJavaScript wxjs xampp xml
Top Posts

Hiding a PHP include from users

2 Responses to “Hiding a PHP include from users”

Leave a Reply

Archives

del.icio.us

Blog Stats

Tags

Top Posts