php disables access to the. php file directly from the browser input address
- 2021-07-26 07:03:04
- OfStack
This article illustrates how php prohibits access to the. php file directly from the browser input address. Share it for your reference. The specific implementation method is as follows:
Generally speaking, we don't want users to enter addresses directly for access to some important files, so we need to set up some settings. The following is a summary of some php methods that prohibit access to. PHP files directly from the browser input address, which is very practical.
For example, the file https://www.ofstack.com/xx.php, I don't want others to access it directly from the browser.
However, if you can't access https://www. ofstack. com/xx. php from any website, you can't access it if you establish a connection locally. Jump to another address.
1. Just write the following code in the header of xx. php file
$fromurl="https://www.ofstack.com/"; // Jump to this address.
if( $_SERVER['HTTP_REFERER'] == "" )
{
header("Location:".$fromurl); exit;
}
In this way, we only need to simply forge the source, and we can also do the following:
2. Define an identity variable in the program
define('IN_SYS', TRUE);
3. Get this variable in config. php
if(!defined('IN_SYS')) {
exit(' Prohibit access ');
}
The latter two methods are encountered in many cms.
I hope this article is helpful to everyone's PHP programming.