CaniDiowawl
New Member
Hey guys, I am separating some XHTML from PHP by putting the XHTML into a separate file and then using PHP's \[code\]include()\[/code\] function within the PHP script. This works perfectly fine, however, users are still able to access the \[code\].html\[/code\] file directly if they know the address. They can't really do much with it, but I would rather it not show. I've seen some scripts in the past use some form of referrer check, is this what I would do to add some basic (Notice I said 'basic') restrictions to prevent it from being viewed by accessing it directly?Thanks!Clarification: I forgot to mention that I want to do this within PHP, so no web-server configuration (Moving files out of document-root, configuring web-server to disallow access, etc.). I think the most logical choice here is to use the \[code\]define()\[/code\] constant check, that's actually indeed what I've seen in other scripts that I had forgotten, as I outlined in my post. I realize this is probably not the best solution, but given that the html file that can be access is of no particular value, the \[code\]define()\[/code\] constant should suffice. Thanks I appreciate the responses!