+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forumdisplay.php?fid=23)
+--- Thread: if ( ! defined('BASEPATH')) exit('No direct script access allowed'); (/showthread.php?tid=61042)
if ( ! defined('BASEPATH')) exit('No direct script access allowed'); - El Forum - 09-04-2014
[eluser]Unknown[/eluser]
hello guys.
this line "if ( ! defined('BASEPATH')) exit('No direct script access allowed')"
helps me to prevent fake http header requests?
if ( ! defined('BASEPATH')) exit('No direct script access allowed'); - El Forum - 09-04-2014
[eluser]InsiteFX[/eluser]
No it stops them from getting into that file, there is also an .htaccess file in the application directory that stops them.
if ( ! defined('BASEPATH')) exit('No direct script access allowed'); - El Forum - 09-04-2014
[eluser]CroNiX[/eluser]
All requests should go through index.php, which is where BASEPATH gets defined. That line prevents them from accessing stuff like http://yoursite/application/models/some_model.php via the URL and directly accessing the model, library, whatever. It's a security measure. The htaccess that InsiteFX mentioned also prevents that but not all servers are set up to use htaccess. So the above will work regardless if htaccess is set up and working.