I'm looking for a secure solution to ensure that my PHP script is executing LOCALLY via shell (not via 127.0.0.1)
e.g.
C:\php > php P:\ath\to\script.php
The reason : cron or win task scheduler will run this script once per month to generate a token that grants access to another page (MySQL stuff) and I don't want external clients to be able to run this script.
You could always put the script in a dir not accessible from web.
If that is not a possibility create a .htaccess file that deny access from all. That way you can reach it from the machine, but not from the web.
order deny,allow
deny from all
The correct answer: do not put something, that should not be accessed by web, to web-accessible place
However, if you want to check that, you can check argv key of $_SERVER array. If it exists, then it is CLI call (and [0] element of this array will hold script's name). I.e.
if(array_key_exists('argv', $_SERVER))
{
//cli call
}
else
{
//non-cli call
}