Dasmeet Singh wrote:
Hi!
I use a page to authorize a user and based on certain criterias (user
group etc) include a file in another directory (named private)...
Everything is working fine but the problem is anyone goign directly to
private/includefile.php can run the script without authorising
themselves...
Is it possible to set folder permission such that files inside it cant
be open directly but could be included?
thanks in advance :)
In private/.htaccess put:
Order Deny,Allow
Deny from all
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
