Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What is the point of this constant in Kohana?

Tags:

php

kohana

In Kohana's core class, there is a constant FILE_SECURITY.

string(60) "<?php defined('SYSPATH') or die('No direct script access.');"

Now obviously if you place this at the start of your files, and if it is accessed outside of the Kohana environment, it will die().

But what is the purpose of this constant? We can't eval() it because it has a leading <?php.

Does Kohana create PHP files somewhere and uses it to prepend it to the start of the file?

like image 992
alex Avatar asked Nov 12 '10 00:11

alex


1 Answers

The Kohana_Log_File::write function uses the constant:

// Set the name of the log file
$filename = $directory.date('d').EXT;

if ( ! file_exists($filename))
{
    // Create the log file
    file_put_contents($filename, Kohana::FILE_SECURITY.' ?>'.PHP_EOL);

    // Allow anyone to write to log files
    chmod($filename, 0666);
}

Looks like it's inserted into a log to stop it from being read from a public URL.

like image 119
Brian McKenna Avatar answered Oct 11 '22 13:10

Brian McKenna