Welcome!

Join our community of MMORPG enthusiasts and private server developers! By registering, you'll gain access to in-depth discussions on source codes, binaries, and the latest developments in MMORPG server files. Collaborate with like-minded individuals, explore tutorials, and share insights on building and optimizing private servers. Join us today and unlock the full potential of MMORPG server development!

Join Today!

Disabling direct script access

Experienced Elementalist
Joined
Apr 30, 2011
Messages
241
Reaction score
23
Location
England, UK
Hey guys, I'm currently working on a new system for my latest project. I was wondering, is it possible to stop people accessing my scripts directly?

For example,
if a use went to the following URL

http://project.com/system/engine.php

it would return the message

'You do not have the correct permissions to access this script'

thanks
 
Yes, but then if I access the script from another file

require('scriptname.php');

it will still return the message 'You cannot access this script'

I need the script to return that message when they are visiting the page directly, and it isn't called from another file.
 
http://www.namepros.com/programming/408685-php-prevent-direct-url-typing.html#post2402037 said:
PHP:
<?php 
if (strtolower(__FILE__) == strtolower($_SERVER['SCRIPT_FILENAME'])) 
{ 
    echo 'Do not call this file directly'; 
    exit(); 
} 
echo 'The rest of the script here'; 
?>

5char
 
or you can simple deny access setting .htaccess (apache) rules in a folder
obviously you can't put it on the root folder... you'll need a folder of includes/libs
 
Is everything run through index.php?

If so, you could do add the following to the index.php page:
PHP:
define('IN_SCRIPT', TRUE);

Then add the following to every other page:
PHP:
if(!defined('IN_SCRIPT')) {

   die('Sorry, but you can not access this file directly. :(');

}
 
@rastalulz everything is running through engine.php
@wolfulus @das7002 that method seems the easiest, I think I'll follow this!
 
Back