This question already has an answer here:
I have an index.php page and I'm using
<?php include("default.php"); ?>
to get contents from default.php. Now i want that if someone directly opens default.php it becomes unaccessable or redirect it back to index.php page. How can i do it ?
</div>
@NiettheDarkAbsol's answer is the best one, but sometimes putting files outside of the public_html directory isn't an option. In this case you can add a check at the top of each file to make sure that it's opened by a valid file, not accessed directly. I do this by setting a constant at the top of files that can be accessed using define('IN_SITE', true, true); and then add the following to all pages not allowed to be accessed directly:
if ( ! defined('IN_SITE') )
die('No direct access allowed!');
If you don't want something accessed by the user, don't put it in public_html. The hint is in the name, it's public.
Instead, save such files outside the document root. You might, for example, have:
- /public_html
| - index.php
|
- /files
- default.php
From here, index.php can call:
include("../files/default.php");
But no user will ever be able to directly access default.php.
Add above code in file which file you will include in other file. this code in default.php
<?php
if(!defined('MyConst')) {
die('Direct access not permitted');
}
?>
And below code in file in which above file your including this code in index.php file
<?php
define('MyConst', TRUE);
?>
And other way you can achieve with the help of .htaccess add your all file in folder name include and in .htaccess
Deny from all
i hope this will helps you