Jump to content

how to prevent direct page access

glennn.php

By glennn.php
in PHP Coding Help

 Share

Recommended Posts

The Little Guy Prolific Member

The Little Guy

Posted
Posted

Try this:

if(basename(__FILE__) == basename($_SERVER['PHP_SELF'])) send_404(); 
function send_404()
{
    header('HTTP/1.x 404 Not Found');
    print '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">'."n".
    '<html><head>'."n".
    '<title>404 Not Found</title>'."n".
    '</head><body>'."n".
    '<h1>Not Found</h1>'."n".
    '<p>The requested URL '.
    str_replace(strstr($_SERVER['REQUEST_URI'], '?'), '', $_SERVER['REQUEST_URI']).
    ' was not found on this server.</p>'."n".
    '</body></html>'."n";
    exit;
} 
/*
    File content.
*/

glennn.php Regular Member

glennn.php

Posted
  • Author
Posted

yes, now i remember that - thanks!

 

** although this won't detect if the page is within a frame or not, like this javascript clause:

 

if (top.location == self.location) ...

 

is there a PHP means of doing this?

 

thanks again

 

 

DarkWater Member

DarkWater

Posted
Posted
  Quote

yes, now i remember that - thanks!

 

** although this won't detect if the page is within a frame or not, like this javascript clause:

 

if (top.location == self.location) ...

 

is there a PHP means of doing this?

 

thanks again

 

 

 

Nope, PHP is server-sided, so I doubt you can do that.

ThunderAI Member

ThunderAI

Posted
Posted
  Quote

Try this:

if(basename(__FILE__) == basename($_SERVER['PHP_SELF'])) send_404(); 
function send_404()
{
    header('HTTP/1.x 404 Not Found');
    print '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">'."n".
    '<html><head>'."n".
    '<title>404 Not Found</title>'."n".
    '</head><body>'."n".
    '<h1>Not Found</h1>'."n".
    '<p>The requested URL '.
    str_replace(strstr($_SERVER['REQUEST_URI'], '?'), '', $_SERVER['REQUEST_URI']).
    ' was not found on this server.</p>'."n".
    '</body></html>'."n";
    exit;
} 
/*
    File content.
*/

 

I tried this code on a page withinan iframe, and PHP kust blocks access to it weather or not it is in an iframe. In fact, I am not sure I even gain access to the file with this 404 function.

glennn.php Regular Member

glennn.php

Posted
  • Author
Posted

no, right - since it's still a called url it's still seen as PHP_SELF by php... i guess...

 

i would have thought PHP would have some ability to see the difference, though. i'm by no means fluent in it (disregard my nickname - that's just wishful thinking :o).

 

if anyone knows if PHP can recognize a call to a frame, i'd love to hear it.

 

Thanks,

Glenn

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.