制作主题文件.html
[英]Making theme files .html
问题描述
They have some php code within (if, endif, variables), but essentially they are html files. 
他们有一些PHP代码(if,endif,变量),但基本上他们是html文件。
Do you think is a good idea to use the .html extension and prevent direct access to them trough .htaccess, so the php code is not visible to anyone ? 你认为使用.html扩展名是一个好主意并阻止通过.htaccess直接访问它们,所以任何人都看不到php代码吗?
Is it safe? 安全吗?
2 个解决方案
解决方案1
1 2012-08-13 09:08:01
can you test the script? 你可以测试脚本吗?
As far as I know the PHP is just server-side so after the server "do its thing" it doesn't show on the users computer (when he tries to see the source code). 据我所知,PHP只是服务器端,所以在服务器“做它的事情”后,它不会显示在用户计算机上(当他试图查看源代码时)。
Javascript and HTML are displayed but not the php. 显示Javascript和HTML但不显示php。
I have used the .htaccess file to block some other files in the folder such as the DB credentials and such that I had named .inc (for include). 我已经使用.htaccess文件来阻止文件夹中的一些其他文件,例如DB凭据,以及我已命名.inc(for include)。 If you block the html with the htaccess noone is going to be able to see the webpage. 如果您使用htaccess阻止html,那么没有人能够看到该网页。
I hope I understood it right! 我希望我理解得对! (And clarified it as well) (并澄清了它)
解决方案2
1 2012-08-13 09:11:08
Just have an .htaccess with deny from all in the views folder... ;p 在视图文件夹中只有一个带有deny from all的.htaccess ...; p
Tho if you have files like images or css that you want loaded from that theme folder then by all means rename the view to .php and put as this on the first line: 如果您有想要从该主题文件夹加载的图像或css等文件,那么无论如何都要将视图重命名为.php并将其放在第一行:
if (!defined("RUN")){die('No direct access');}
Obviously define('RUN',true); 显然define('RUN',true); in your config. 在你的配置中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.