[SOLVED] a file can only used if inside another php file

[chadrt]

I am building a dispatch system for a roadside assistance company from scratch.  It is interesting as I have never had a project this big before and my knowledge of php is sub-beginner.

 

I am doing ok so far but I have a page that authenticates users after a login form sets a cookie.  This form calls other pages into it using

 

include($page.".php")

 

but those pages  can be called individually and I want them to be rendered useless unless they are called from within the main page.  Thank you for your help.

[elgoog]

in your include file put this at the top

 

<?php

if ($fileaccess != "allow") {

    exit('No direct access allowed');

}

?>

 

then you will not be able to direct access. Then in your index put

 

$fileaccess = "allow";

include($page.".php")

 

 

[chadrt]

So simple and so perfect!  Thank you so much...

[chadrt]

Ok quick question what I do something like this?

 

<?php
if ($fileaccess9 != "allowRR783") {
     header("Location: index.php");
}
?>

 

Because the index is a redirect to the login page which also check for cookie existence and will redirect them to the dispatch system main page if it exists, isnt expired and the user has not been suspended in the system.

 

If I do this is this fail safe?  Or is there some level of security I should be aware of doing it this way?

 

Thanks again for your help...

[elgoog]

<?php

if ($fileaccess9 != "allowRR783") {

    header("Location: index.php");

    exit();

}

?>

 

You should also exit too. I beleive the header location is browser based and can be bypassed

[chadrt]

Thank you again!!