php disables access to the. php file directly from the browser input address

This article illustrates how php prohibits access to the. php file directly from the browser input address. Share it for your reference. The specific implementation method is as follows:

Generally speaking, we don't want users to enter addresses directly for access to some important files, so we need to set up some settings. The following is a summary of some php methods that prohibit access to. PHP files directly from the browser input address, which is very practical.

For example, the file https://www.ofstack.com/xx.php, I don't want others to access it directly from the browser.

However, if you can't access https://www. ofstack. com/xx. php from any website, you can't access it if you establish a connection locally. Jump to another address.

1. Just write the following code in the header of xx. php file

$fromurl="https://www.ofstack.com/"; // Jump to this address. 

if( $_SERVER['HTTP_REFERER'] == "" )

{

header("Location:".$fromurl); exit;

}

In this way, we only need to simply forge the source, and we can also do the following:
2. Define an identity variable in the program

define('IN_SYS', TRUE);

3. Get this variable in config. php

if(!defined('IN_SYS')) { 

exit(' Prohibit access '); 

}

The latter two methods are encountered in many cms.

I hope this article is helpful to everyone's PHP programming.