Jump to content

Hiding file from visitors

xcandiottix

By xcandiottix
in PHP Coding Help

 Share

Recommended Posts

xcandiottix Regular Member

xcandiottix

Posted
Posted

If I have an XML file which my site reads from with JS and PHP is it possible to set the file or folder the XML page is in to be un-seeable by visitors but it can still be written to and read from with php and read from with JS?

 

I have sensitive information on the XML page and I am trying to decide if I should make a second XML file or not.

Link to comment
https://forums.phpfreaks.com/topic/207908-hiding-file-from-visitors/
Share on other sites
xcandiottix Regular Member

xcandiottix

Posted
  • Author
Posted

Yes javascript. ..... could I possibly hide the XML on the server so its not "open game" but when it is needed I could have php read the file for the exact things I need and then print that to a file? Basically I just dont want someone to either A. type the url of the xml file and view it or B. make an application that goes and gets everyone's xml and takes data from it.

meltingpoint Member

meltingpoint

Posted
Posted

If your host lets you- you could place it outside the public_html folder and then access it via the script.  I have done this with flat files on my own website.  The scripts can still read them via an absolute link while it is hidden and not accessible to the public.

 

Hope that helps.

xcandiottix Regular Member

xcandiottix

Posted
  • Author
Posted

If your host lets you- you could place it outside the public_html folder and then access it via the script.  I have done this with flat files on my own website.  The scripts can still read them via an absolute link while it is hidden and not accessible to the public.

 

Hope that helps.

 

Yes this is the direction I want to go... i noticed for some of my scripts I have to use an absolute link to access the XML and i was trying to figure out what i can do. I'm not sure I can get out side of the public directory but my host does let me have good permission control, so hopefully i can figure out something. Thanks!

meltingpoint Member

meltingpoint

Posted
Posted

By way of example:

 

First - find the SERVER['DOCUMENT_ROOT'] which should look something like;

/home/yourserverspace/public_html/yourwebsite.com

 

Create a folder abouve the public_html - myhiddenfolder

 

$secure_path ='/home/yourserverspace/myhiddenfolder';

 

$yoursacredfile = $sec_path."/myxmlfile.txt";

 

No to have the script open the file- do like so;

 

$openedfile =fopen("$yoursacredfile", "r");

 

Cheers-

xcandiottix Regular Member

xcandiottix

Posted
  • Author
Posted

Very good, I'm going to give that a shot. If it doesn't work I think I might just encode the XML file as php and validate the user before echoing out the XML data. That way if the user asking for the file isn't the same user who the file belongs to I can deny them access with an IF statement. Plus log the ip ;p

 

Thanks! i'll report back.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.