What is the point of this constant in Kohana?

Question

In Kohana's core class, there is a constant FILE_SECURITY.

string(60) "<?php defined('SYSPATH') or die('No direct script access.');"

Now obviously if you place this at the start of your files, and if it is accessed outside of the Kohana environment, it will die().

But what is the purpose of this constant? We can't eval() it because it has a leading <?php.

Does Kohana create PHP files somewhere and uses it to prepend it to the start of the file?

+1 from someone who doesn't use Kohana but is interested in it's developemnt/design — Billy ONeal, Nov 12 '10 at 00:57
`eval` won't matter, the constant `SYSPATH` will still be found undefined and result into `die` — Sarfraz, Nov 12 '10 at 00:58

score 7 · Accepted Answer · answered Nov 12 '10 at 01:02

7

The Kohana_Log_File::write function uses the constant:

// Set the name of the log file
$filename = $directory.date('d').EXT;

if ( ! file_exists($filename))
{
    // Create the log file
    file_put_contents($filename, Kohana::FILE_SECURITY.' ?>'.PHP_EOL);

    // Allow anyone to write to log files
    chmod($filename, 0666);
}

Looks like it's inserted into a log to stop it from being read from a public URL.

answered Nov 12 '10 at 01:02

Brian McKenna

45,528
6
61
60

Googled the constant name, went to the API docs and read the `write` function. – Brian McKenna Nov 12 '10 at 01:03
Yeah, I just tried that. Don't know why I didn't think of that actually - or searched on GitHub. – alex Nov 12 '10 at 01:04

score 0 · Answer 2 · answered Nov 12 '10 at 10:11

0

Also you can use this constant while autogenerating your custom files, like configs (possible in installation apps?).

answered Nov 12 '10 at 10:11

biakaveron

5,493
1
16
20

What is the point of this constant in Kohana?

2 Answers2