Prevent direct access to a php
Question
I don't want to use .htaccess.
- a.php b.php c.php compute.php
a.php b.php and c.php uses it like this
$.get( compute.php ?number=800)
I want a.php b.php and c.php to be able to access compute.php
but I don't want to allow this to public.
http://localhost/ compute.php ?number=800
Is this possible? 🥺
2 answers
solution1
1 2022-05-15 13:25:53
There is no difference between making an ajax call and navigate the target directly via web browser. So this is not possible. You can use a secret key and make it's type post instead of get if you want your backend accept requests from only defined pages.
solution2
0 2022-05-15 13:27:10
if you import (require or include functions) the file, one way to do it is to create a pre-defined variable in a.php b.php and c.php which is not set on compute.php by default. Then you can check it in the compute.php file to see if it was imported by an authenticated "file"/"end".
But if you're required to use AJAX, you might want to implement authentication which is accessible to the public or access the file using the local IP address of the server. (which I think is too much complex and annoying solution)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.