Support » Fixing WordPress » password protecting PHP includes??

  • Hello all,

    I am wondering — is there a way to password protect included PHP files?

    Here’s the situation: I have a WordPress page. In that page I have some php code (using the “phpcode” plugin) and an “include” to include another PHP file.

    I have password protected this page. However, the included PHP file (where the confidential info actually resides) does not retain the password protection. So any web browser could go to the URL of the included PHP file and run it, no problem.

    Is there any way to pass on the password-requirement status from a page into an included PHP file?

    I realize this is weird and sorta advanced, any help is much appreciated!

    dylan in st. louis

Viewing 2 replies - 1 through 2 (of 2 total)
  • figured out a solution in case anybody cares:

    embed a template tag into the included php script.

    in my case, i did this:

    $useless_variable = bloginfo(‘description’);

    now, if the included PHP page is accessed outside of the wordpress structure, it will fail because the bloginfo function is undefined.

    if this isn’t safe for some reason, let me know, but seems to me to be a quick security fix for included PHP on pages.

    actually, this didn’t work.

    come to find out if you include a PHP file in a page using the PHP Exec plugin, variables and template tags do not get passed to it. darnit.

    any other ideas?

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘password protecting PHP includes??’ is closed to new replies.