So, ok. I have many php files and one index.php file. All files can't work without index.php file, because I include them in index.php. For example. if somebody click Contact us the URL will become smth like index.php?id=contact and I use $_GET['id'] to include contacts.php file. But, if somebody find the file's path, for example /system/files/contacts.php I don't want that that file would be executed. So, I figured out that I can add before including any files in index.php line like this $check_hacker = 1 and use if in every files beginning like this if($check_hacker <> 1) die();. So, how can I do it without opening all files and adding this line to each of them? Is it possible? Because I actually have many .php files. And maybe there is other way to do disable watching separate file? Any ideas?
Thank you.

Accepted Answer

You could put your index.php alone in your web directory. And put all the files it includes in another non web directory.

Let's say you website http://www.example.com/index.php is in fact /path/to/your/home/www/index.php, you can put contact.php in /path/to/your/home/includes/contact.php. No .htaccess, rewrite, auto appending. Just a good file structure and a server configured like needed.

Edit to detail my comment about using xamp :

In your httpd.conf file, add something like this :

<Directory "/path/to/your/site/root">
    Options Indexes FollowSymLinks
    AllowOverride all
    Order Deny,Allow
    Deny from all
    Allow from 127.0.0.1
</Directory>


<VirtualHost *:80>
    DocumentRoot /path/to/your/site/root
    ServerName www.example.org
</VirtualHost>

Then in your windows hosts file (in C:\Windows\System32\drivers\etc), add this line :

127.0.0.1   www.example.com
Written by Arkh
This page was build to provide you fast access to the question and the direct accepted answer.
The content is written by members of the stackoverflow.com community.
It is licensed under cc-wiki