Hey!

I would like to show you a simple way how to protect your files from direct accessing.

Here's our index.php:

Code:
<?php

define("IN_INDEX", "true");

include("includefile.php");

echo $str;

?>


So what that means? Here, I'll explain it to you.

<?php- This starts our PHP script

define("IN_INDEX", "true"); - This defines that files we will include are used in index.php

include("includefile.php"); - Let's include our file

echo $str; - Print the sentence defined as a variable in includefile.php file.

?> - Ends our PHP script

Now it's time to create our protection script called "includefile.php" and it goes like this:

Code:
<?php

if(!defined("IN_INDEX")){
    
    echo "Forbidden!";
    exit;
    
}

$str = "File included!";

?>


<?php - Let's start our PHP script

if(!defined("IN_INDEX")){ - This is the most important thing. If "IN_INDEX" isn't defined let's display our error.

echo "Forbidden!"; - This is our error sentence
exit; - This exits from our script

} - If everything is okay ..

$str = "File included!"; - .. let's define our variable

?> - Ends our PHP script

And it was that simple. Add this last script to each of your files that you include in your files and your files are protected.

I hope you liked this tutorial and if you have questions feel free to ask from me.

Regards,
Jaan