Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

preventing direct access to a php page, only access if redirected

Tags:

php

I want to make my php page only accessible from another page redirect and prevent my user from accessing it directly.

I mean, let's say I have a page called "main.php" and another PHP file that I want to prevent direct access to, called "noaccess.php".

I want to make noaccess.php accessible only if I redirect from main.php

Any suggestions?

UPDATE: Session is a good idea, but the problem is I have to use JavaScript to redirect the page, so the question is, can I use ajax to set a PHP session?

UPDATE 2: OK I found the solution, I don't need preventing direct access now, as I can check from mysql whether the page needs to be accessible or not.

like image 756
Utku Dalmaz Avatar asked Apr 06 '10 20:04

Utku Dalmaz

People also ask

How do I deny all access to a PHP include file?

Deny access to all files in your include directory. If your PHP include files are located in a particular directory, you can tell your web server to deny all access to it. Apache. If you are using Apache, you can create a .htaccess file and place it in the directory in question. This .htaccess file should contain the following directives:

How to prevent access to a page in a database?

To prevent access to pages, the best practice is to use session variables say $_SESSION['username'] and $_SESSION['password'] to check against your database table record assuming your table name is "users", the fields 'username' and 'password' in order for users to gain access to the page, else they are redirected to the log in page for them to ...

How to redirect user to home page in Apache server?

Restart Apache server to apply changes. Now when a user tries to access /form.php via GET request on a browser or CLI then they will be redirected to home page. Apache, PHP direct access. permalink .

Is it better to allow or disable Ajax file calling only?

If a file calling only via AJAX then it is better to disable it from direct access for security reason. In web technology, it is always said that allow only those which is necessary. It is applicable for any types of file, code, part of the code, directory and so on.

1 Answers

What if everytime you were going to redirect you saved a value in the $_SESSION variable. So you have

//code
$_SESSION['fromMain'] = "true";
header("Location: noaccess.php");

Then in noaccess.php put 

if($_SESSION['fromMain'] == "false"){
   //send them back
   header("Location: foo.php");
}
else{
   //reset the variable
   $_SESSION['fromMain'] = "false";
}

I really don't know if this would work or not, but this is what I would try off the top of my head.

like image 172
user299416 Avatar answered Nov 14 '22 22:11

user299416
Sign in to Comment

Related questions

Force Laravel to use HTTPS version
How to add a class to a WooCommerce product within the product loop
How laravel use $this context in static methods?
How to make a generic repository in Symfony 4
Login a user only if his status is active in Laravel 5.7
regexp for finding everything between <a> and </a> tags
What is the best way to persist PHP application setings?
The ideal "always/anywhere available" web development environment?
Protect php script that receive paypal IPN notifications
How to use Pixel Tracking across domains in PHP
Can I make a variable globally visible without having to declare it global in every single PHP class's constructor?
CakePHP: Clearing password field on failed submission
What character replacements should be performed to make base 64 encoding URL safe?
Pass variable to extended PHP class
How to create a link that triggers file download?
Explode string only once on first occurring substring
In PHP, when using PDO with pgSQL how to get the value of "RETURNING" clause in the original INSERT sql query
reading binary code of a file...in PHP
How do I match accented characters in preg_match()?
Matching UTF Characters with preg_match in PHP: (*UTF8) Works on Windows but not Linux

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!