Kuartz
Reputation: 302
forbid direct access to php files (MVC)
My files are organized with the MVC pattern (Model, View, Controller).
How am I supposed to protect files in these folders from direct access?
For example, I would like to forbid user to write manually "http://VIEW/blabla". Indeed, the only files which would be supposed to be accessible are outside the folders. They just call, with 'include' php function, the other files contained in VIEW, CONTROLLER and MODEL.
If I protect these folders, when I have something like :
<form action="MODEL/userCreate.php" method="post" id="form">
Will the code be blocked by my protection?
Upvotes: 1
Views: 77
Answers (1)
Paul Dixon
Reputation: 300975
Put those folders outside your document root
/project
/src <-------------your code, not served over http
MyClass.php
/web <-------------your document root, served over http
index.php
Upvotes: 1
Related Questions
- Block direct access to .php files, less the index.php file and ajax.php file
- Prevent PHP code from executing if form was not submitted
- Stop direct access to all files in a folder, but allow ajax requests
- Prevent direct access to .php files in .htaccess
- Restrict access to files if targeted directly
- Prevent access to php files (folder) with .htaccess EXCEPT for XMLHttpRequest
- Protect php files from direct access
- Disallowing PHP file to be accessed directly
- Preventing direct access to php files
- PHP: How to prevent direct access to JavaScript files?