Axcelcius Posted October 31, 2007 Share Posted October 31, 2007 I have two files. index.html and system_check.php. I was using the following code to prevent hackers from accessing system_check.php directly. The problem is that it also prevents index.html from accessing that file. <?php //Protects from Unauthorized Access if(eregi("system_check.php", $_SERVER['PHP_SELF'])) die("Hacking Attempt"); ?> Is there an alternate way of denying direct access to system_check.php but will allow index.html to access it? Quote Link to comment Share on other sites More sharing options...
MadTechie Posted October 31, 2007 Share Posted October 31, 2007 Opps miss-read.. it would be easier if index.html was index.php, is that possible ? Quote Link to comment Share on other sites More sharing options...
sKunKbad Posted October 31, 2007 Share Posted October 31, 2007 I believe what I've seen is a simple check of the HTTP_Referer, and redirect to somewhere else or block access to anything that isn't from your domain. Quote Link to comment Share on other sites More sharing options...
kratsg Posted October 31, 2007 Share Posted October 31, 2007 Why not use sessions? index session_start(); $_SESSION['confirmindex'] = true; system_check if(!$_SESSION['confirmindex']){die("I'm sorry, an illegal attempt to access this page has been identified.");} Quote Link to comment Share on other sites More sharing options...
Locked Posted October 31, 2007 Share Posted October 31, 2007 Why not only allow the localhost to access the page? Basicly the same as what mysql does Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.