Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 11 of 11
  1. #1
    New Coder
    Join Date
    Nov 2006
    Posts
    71
    Thanks
    12
    Thanked 0 Times in 0 Posts

    Hiding from public view

    OK so I have some files I want to publish on the web but I do not want anyone having any access to them even with the absolute path. Do I want to put a user name and password limit on one page and have it redirect to the page from there? I am very new to PHP and dynamic web pages altogether. Any help would be appreciated. Thank you.

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,979
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    Move it above you're document root and read it in with PHP.
    Code:
    /home
        /youruser
            /supporfiles
                / Files in question
            /public_html
                + index.php
    Then read it in with php, a simple include will probably do, or use a io read:
    PHP Code:
    <?php

    require_once dirname(__FILE__) . '/../supportfiles/myfile.txt';
    ?>
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • #3
    New Coder
    Join Date
    Nov 2006
    Posts
    71
    Thanks
    12
    Thanked 0 Times in 0 Posts
    Sorry this is new to me. So move the php above the directory where my files reside?

    Then,

    PHP Code:
    <?php
    require_once dirname(__FILE__) . '/../supportfiles/myfile.txt';
    ?>
    When I use the require once do I add protectedfile.php and then .
    PHP Code:
    '/../supportfiles/myfile.txt'
    ?

    What is the purpose of that .txt file? To output whatever I want? How does it protect someone from typing in "directory/protectedfile.php"

  • #4
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,979
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    myfile.txt is you're published file. I don't know what you want to do with it, so I don't know if you plan on including text, or html, or php or whatever it is.
    What prevents them from typing it in is being above you're public_html directory. Anything outside of public_html is not published (or whatever you're doc root is, generally its public_html in the user's home folder on linux). So, based on the structure I've posted (with no other directories in public_html), typing http://yoursite.com/directory/protectedfile.php will result in a 404 error, since it doesn't actually exist there.
    Unpublished files generally refer to data file of some sorts, whether they are images, flat text files, xml etc. PHP is generally not stored above document root, there is really no need to hide a processing file - for this you would deal with sessions to control the file access.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • #5
    New Coder
    Join Date
    Nov 2006
    Posts
    71
    Thanks
    12
    Thanked 0 Times in 0 Posts
    Do you consider this a safer approach than say a .htaccess direction? Thank you for being so patience with a newbie like me.

  • #6
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,979
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    Quote Originally Posted by pcproff View Post
    Do you consider this a safer approach than say a .htaccess direction? Thank you for being so patience with a newbie like me.
    Yes.
    htaccess will only work on an apache server, this method works on Apache and IIS. This of course only protects a file from direct access, its up to you're scripts to ensure that any authentication is handled.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • Users who have thanked Fou-Lu for this post:

    pcproff (03-20-2009)

  • #7
    New Coder
    Join Date
    Nov 2006
    Posts
    71
    Thanks
    12
    Thanked 0 Times in 0 Posts
    OK one last thing. I have a Linux/Apache setup and I do not have that folder called public_html does that matter?

  • #8
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    What folder do you put your "published" files in? Do this
    PHP Code:
    <?php echo $_SERVER['DOCUMENT_ROOT']; ?>
    Post what you get.
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #9
    New Coder
    Join Date
    Nov 2006
    Posts
    71
    Thanks
    12
    Thanked 0 Times in 0 Posts
    Awesome!

    /home/content/p/c/p/pcproff/html

  • #10
    New Coder
    Join Date
    Nov 2006
    Posts
    71
    Thanks
    12
    Thanked 0 Times in 0 Posts
    Any ideas?

  • #11
    Regular Coder kokjj87's Avatar
    Join Date
    Sep 2008
    Location
    Singapore
    Posts
    279
    Thanks
    1
    Thanked 55 Times in 54 Posts
    Create a folder beside your webroot, and store your private file here... and then use Fou-Lu method to read the file into your webpage.

    Code:
    /home/content/p/c/p/pcproff/supportfiles


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •