shadowx 0 Report post Posted August 29, 2006 Hi everyoneIve finally got a bit of an opportunity to do some php coding for an organisation which shouldnt be too hard. But i want to have some php files which will be used as includes in another php script but for added protection i dont want these php files to be visible by the public. I know i can use htaccess to easilly hide these files but what im worried about is will the head script be able to see the includes it needs if the htaccess file is hiding the entire directory?Obviously its no good if not even the local server can see its own scripts and i havent used htaccess properly before and i just wondered if i did use it to hide the includes directory will the first script still be able to access and include them correctly?Thanks Share this post Link to post Share on other sites
rvalkass 5 Report post Posted August 29, 2006 When you say you don't want them visible, do you mean in a directory listing? If so, just add a blank index.htm file into the directory so a listing can't appear. This does mean that if people know the file name they can still open the file, but all they'll get is the HTML output, not the PHP code. As for using an .htaccess file, I'm not sure if PHP will still be able to access the files, as I tend not to use .htaccess much now. Share this post Link to post Share on other sites
electriic ink 1 Report post Posted August 29, 2006 If you don't want people to see or execute them then you don't need .htaccess, you can do it using php. It's a more compucated way than using .htaccess so you should only use this method if no-one can provide you with the .htaccess answer: Put this piece of code at the top of all files in the includes directory: <? if (empty($permit)) { exit (' You do not have permission to see this file! '); } ?> At the beginning of each file which which requires the include files, place: <? $permit = 'Yes'; ?> Unfortuneately, I know little of .htaccess but I'll try and see if I can find anything on google.... Share this post Link to post Share on other sites
shadowx 0 Report post Posted August 30, 2006 Thanks for the suggestions, ill use the php method if i cant find a htaccess one, ill have a look myself as this is the first chance ive had to use the computer since i posted. Maybe the htaccess method is very illusive or non exsistent Share this post Link to post Share on other sites
CrazyRob 0 Report post Posted August 30, 2006 therre is a much simpler way than that all you need to do is encode them in IonCube or Zend and install the ioncube loaders or zend laoders on your server then oly your server will be able to esxactue them and the php files will be encrypted if taken off the server. Share this post Link to post Share on other sites