Hey guys, I am separating some XHTML from PHP by putting the XHTML into a separate file and then using PHP's include()
function within the PHP script.
This works perfectly fine, however, users are still able to access the .html
file directly if they know the address. They can't really do much with it, but I would rather it not show.
I've seen some scripts in the past use some form of referrer check, is this what I would do to add some basic (Notice I said 'basic') restrictions to prevent it from being viewed by accessing it directly?
Thanks!
Clarification: I forgot to mention that I want to do this within PHP, so no web-server configuration (Moving files out of document-root, configuring web-server to disallow access, etc.). I think the most logical choice here is to use the define()
constant check, that's actually indeed what I've seen in other scripts that I had forgotten, as I outlined in my post. I realize this is probably not the best solution, but given that the html file that can be access is of no particular value, the define()
constant should suffice. Thanks I appreciate the responses!