1

what is the best method?

I use this way...

index.php

<?php $secure = true; include_once("file.php"); ?>

I do not want opens file.php directly. so in first line I wrote this code: file.php

<?php // first line I wrote this code: if(!isset($secure)) exit('No Access');if(!$secure) exit('No Access'); ... some code ... ?>

Do you think my method is true?

Improve this question
1
  • 4
    why not store the file in a directory that cannot be directly accessed? Commented Dec 27, 2016 at 19:38

1 Answer 1

Reset to default
1

It's a commonly used method in many cms and frameworks. Usually by defining a constant instead of setting a variable, but the idea is the same.

E.g., in Wordpress:

defined('ABSPATH') or die("Cannot access pages directly.");

Still, if you have full control of your setup (e.g., not installing a third party CMS or framework), putting your files where the webserver can't access them is usually better.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.