Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    Regular Coder
    Join Date
    Jun 2002
    Posts
    138
    Thanks
    0
    Thanked 0 Times in 0 Posts

    dynamic.inc.php??protected

    hi
    i read somewhere that the
    dynamic.inc.php
    has three parts

    dynamic =filename
    inc = inclusion tag
    php = php extension

    the articel said that if files are included in this format then this file will only run if it is included in any other php file. and anyone who tries to access the file by directly typing the URL in the browser wont be able to execute it.SO is this true and safe method of including files?

    second thing if the file for example is located at htis url

    http://www.abcd.com//main/dynamic.php

    i want this file to execute only from from this domain i.e. www.abcd.com and abcd.com ..so what n how cani make this happen?help..
    Move on....

  • #2
    Supreme Overlord Spookster's Avatar
    Join Date
    May 2002
    Location
    Marion, IA USA
    Posts
    6,280
    Thanks
    4
    Thanked 83 Times in 82 Posts
    I've never heard of that before.

    If you give an include file a .php extension and you haven't changed the default permissions for the file or directory it is in then it will go through the PHP parser and any commnds in it will be executed and if there is any output it will be sent to the browser. They will not be able to see the code for it of course but they can still execute it.

    If your include file has the comoon .inc extension and you haven't changed the default permissions for the file or the directory it is in then anyone can view the contents of that file.

    It is usually best to place your include files above the root directory of your website. That way the public cannot access them. Or at the very least make the directory they are in not accessible to the public by changing the permssions on it.

    There are lots of different methods of hiding/protecting include files.
    Spookster
    CodingForums Supreme Overlord
    All Hail Spookster

  • #3
    Regular Coder
    Join Date
    Jun 2002
    Posts
    138
    Thanks
    0
    Thanked 0 Times in 0 Posts

    and any link to learn?

    hi

    protecting the includes files by setting permissions.... do u mean read only...folders.? will i have to do that by using some scripts or by talking to my hosting company? any link or info about it on net?
    Move on....

  • #4
    Supreme Overlord Spookster's Avatar
    Join Date
    May 2002
    Location
    Marion, IA USA
    Posts
    6,280
    Thanks
    4
    Thanked 83 Times in 82 Posts
    The easiest way would be to use a .htaccess file if your host allows that.

    You could put the .htaccess file in your root directory and put something like this in it:

    <Files .inc>
    order allow,deny
    deny from all
    </Files>

    This would deny anyone from viewing or accessing files with .inc extensions in your site.

    You could also CHMOD each and every file with the proper permissions not allowing the public to access or execute them. Or you could CHMOD the directory that the include files are in. You can find plenty of information in the forum on CHMOD by using the search feature or googling for it.

    Like I said there are many effective ways but the most effective is of course putting the include files in a non-web accessible directory like above your root directory.
    Spookster
    CodingForums Supreme Overlord
    All Hail Spookster


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •