Reputation: 147
Restricting direct access to php file
I have an index.php file where I login and move to another file called map.php from where on clicking button I reach inc.php.
The problem is on typing the link localhost/lilly/inc.php the unauthorised user or any public user should not be able to access this file, only the person logged in should!
How can I do this? I have read about using .htaccess etc but I have completely not understood anything from other articles..
I have used inc.php:
if(!defined('MyConst')) {
die('Direct access not permitted');
}
Map.php:
define('MyConst', TRUE);
Upvotes: 0
Views: 81
Answers (1)
Reputation: 141
Use sessions for your requirement.
In your index.php page, start a session and store the user id (or any other data to uniquely identify the user) after someone is logged in.
index.php:
session_start();
$_SESSION['user_id'] = $user_id; // $user_id is the user id of the logged in user
And check the existence of the user_id in the inc.php file
inc.php:
if (!isset($_SESSION['user_id'])
header("Location:index.php"); // redirect to index.php page if the user is not logged in
References:
Upvotes: 1
Related Questions
- Prevent direct access to a php file that would be loaded in another server
- How to hinder PHP files to Global Access
- Blocking direct script access to a file
- Disable direct access to certain files (include)
- How to block direct access to my php file
- php script prevent direct access
- How to restrict access to a PHP file?
- Protecting PHP file from direct access
- How to prevent direct access to files?
- Preventing direct access to php files