禁止直接访问 php 文件 (MVC)
[英]forbid direct access to php files (MVC)
问题描述
My files are organized with the MVC pattern (Model, View, Controller).
我的文件是用MVC模式(模型、视图、控制器)组织的。
How am I supposed to protect files in these folders from direct access?我应该如何保护这些文件夹中的文件不被直接访问?
For example, I would like to forbid user to write manually " http://VIEW/blabla ".例如,我想禁止用户手动编写“ http://VIEW/blabla ”。 Indeed, the only files which would be supposed to be accessible are outside the folders.实际上,应该可以访问的唯一文件是在文件夹之外。 They just call, with 'include' php function, the other files contained in VIEW, CONTROLLER and MODEL.他们只是用'include' php 函数调用包含在VIEW、CONTROLLER 和MODEL 中的其他文件。
If I protect these folders, when I have something like :如果我保护这些文件夹,当我有类似的东西时:
<form action="MODEL/userCreate.php" method="post" id="form">
Will the code be blocked by my protection?代码会被我的保护所阻止吗?
1 个解决方案
解决方案1
1 已采纳 2017-01-24 07:51:48
Put those folders outside your document root将这些文件夹放在文档根目录之外
/project
/src <-------------your code, not served over http
MyClass.php
/web <-------------your document root, served over http
index.php
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.