WordPress.org

Ready to get started?Download WordPress

Forums

password protecting PHP includes?? (3 posts)

  1. dylanhassinger
    Member
    Posted 8 years ago #

    Hello all,

    I am wondering -- is there a way to password protect included PHP files?

    Here's the situation: I have a WordPress page. In that page I have some php code (using the "phpcode" plugin) and an "include" to include another PHP file.

    I have password protected this page. However, the included PHP file (where the confidential info actually resides) does not retain the password protection. So any web browser could go to the URL of the included PHP file and run it, no problem.

    Is there any way to pass on the password-requirement status from a page into an included PHP file?

    I realize this is weird and sorta advanced, any help is much appreciated!

    dylan in st. louis

  2. dylanhassinger
    Member
    Posted 8 years ago #

    figured out a solution in case anybody cares:

    embed a template tag into the included php script.

    in my case, i did this:

    $useless_variable = bloginfo('description');

    now, if the included PHP page is accessed outside of the wordpress structure, it will fail because the bloginfo function is undefined.

    if this isn't safe for some reason, let me know, but seems to me to be a quick security fix for included PHP on pages.

  3. dylanhassinger
    Member
    Posted 8 years ago #

    actually, this didn't work.

    come to find out if you include a PHP file in a page using the PHP Exec plugin, variables and template tags do not get passed to it. darnit.

    any other ideas?

Topic Closed

This topic has been closed to new replies.

About this Topic