glennn.php Posted June 15, 2008 Share Posted June 15, 2008 i've been havng trouble finding the function that checks if a page is being diectly accessed or if it's loaded in an iframe or include... can someone give a guy a hand? thanks GN Link to comment https://forums.phpfreaks.com/topic/110265-how-to-prevent-direct-page-access/ Share on other sites More sharing options...
The Little Guy Posted June 15, 2008 Share Posted June 15, 2008 Try this: if(basename(__FILE__) == basename($_SERVER['PHP_SELF'])) send_404(); function send_404() { header('HTTP/1.x 404 Not Found'); print '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">'."n". '<html><head>'."n". '<title>404 Not Found</title>'."n". '</head><body>'."n". '<h1>Not Found</h1>'."n". '<p>The requested URL '. str_replace(strstr($_SERVER['REQUEST_URI'], '?'), '', $_SERVER['REQUEST_URI']). ' was not found on this server.</p>'."n". '</body></html>'."n"; exit; } /* File content. */ Link to comment https://forums.phpfreaks.com/topic/110265-how-to-prevent-direct-page-access/#findComment-565792 Share on other sites More sharing options...
glennn.php Posted June 15, 2008 Author Share Posted June 15, 2008 yes, now i remember that - thanks! ** although this won't detect if the page is within a frame or not, like this javascript clause: if (top.location == self.location) ... is there a PHP means of doing this? thanks again Link to comment https://forums.phpfreaks.com/topic/110265-how-to-prevent-direct-page-access/#findComment-565883 Share on other sites More sharing options...
DarkWater Posted June 15, 2008 Share Posted June 15, 2008 yes, now i remember that - thanks! ** although this won't detect if the page is within a frame or not, like this javascript clause: if (top.location == self.location) ... is there a PHP means of doing this? thanks again Nope, PHP is server-sided, so I doubt you can do that. Link to comment https://forums.phpfreaks.com/topic/110265-how-to-prevent-direct-page-access/#findComment-565887 Share on other sites More sharing options...
ThunderAI Posted June 15, 2008 Share Posted June 15, 2008 Try this: if(basename(__FILE__) == basename($_SERVER['PHP_SELF'])) send_404(); function send_404() { header('HTTP/1.x 404 Not Found'); print '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">'."n". '<html><head>'."n". '<title>404 Not Found</title>'."n". '</head><body>'."n". '<h1>Not Found</h1>'."n". '<p>The requested URL '. str_replace(strstr($_SERVER['REQUEST_URI'], '?'), '', $_SERVER['REQUEST_URI']). ' was not found on this server.</p>'."n". '</body></html>'."n"; exit; } /* File content. */ I tried this code on a page withinan iframe, and PHP kust blocks access to it weather or not it is in an iframe. In fact, I am not sure I even gain access to the file with this 404 function. Link to comment https://forums.phpfreaks.com/topic/110265-how-to-prevent-direct-page-access/#findComment-565919 Share on other sites More sharing options...
glennn.php Posted June 15, 2008 Author Share Posted June 15, 2008 no, right - since it's still a called url it's still seen as PHP_SELF by php... i guess... i would have thought PHP would have some ability to see the difference, though. i'm by no means fluent in it (disregard my nickname - that's just wishful thinking ). if anyone knows if PHP can recognize a call to a frame, i'd love to hear it. Thanks, Glenn Link to comment https://forums.phpfreaks.com/topic/110265-how-to-prevent-direct-page-access/#findComment-565962 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.