How to restrict certain files from being open directly from the url / how to secure 'include' files

Question

I have various files which are included in one php page by the line: include'blahblah.php';

I am unable to figure out how to block direct access to these files from the address bar!

for example:

Anyone after looking at my source code can try to open the file 'blahblah.php' by typing in the address bar: http://www.mydomain.com/mydir/blahblah.php

How do i restrict people from doing so?

Thanks in Advance!

score 0 · Accepted Answer · answered Apr 21 '12 at 18:20

0

the classic way of doing this is by using define and defined functions, in the main page you do some

define('pagescope', 'true');

And then on the included

if (!defined('pagescope')) die('nooooooo you cant');

answered Apr 21 '12 at 18:20

Are you aware of what .htaccess is ? or something of that sort? – Arihant Apr 21 '12 at 18:49
Many frameworks like Kohana for example uses these approach and also you need to keep in mind that apache is not the only server that can run php. – Juan Alberto López Cavallotti Apr 21 '12 at 18:50

1 Answers1