Welcome Guest, Not a member yet? Register   Sign In
Restricting direct access to your view-files?
#1

[eluser]sorenchr[/eluser]
Hi, I'm new to CodeIgniter, I was wondering if it's considered a good practice to restrict direct access to your view-files? Obviously they are going to contain a lot of php-code that relies on variables and what not passed to them from the controller, so the php-code could easily come up with an error if it's directly accessed couldn't it?

Thanks for your time.
#2

[eluser]n0xie[/eluser]
Put your application folder outside the wwwroot and you won't have to worry about it.
#3

[eluser]sorenchr[/eluser]
I'm using a shared webhost who does not allow document upload outside of the wwwroot, is there another way?
#4

[eluser]sorenchr[/eluser]
Bump. Either this is a really obvious question, or no one knows the answer Smile. I thought this was a widely asked question, seeing that as a developer, one of your primary goals is to avoid your code to break before the user.
#5

[eluser]pistolPete[/eluser]
You can use a .htaccess file in the system folder with the following content:

Code:
DENY FROM ALL
#6

[eluser]sorenchr[/eluser]
[quote author="pistolPete" date="1267796516"]You can use a .htaccess file in the system folder with the following content:

Code:
DENY FROM ALL
[/quote]

Thanks! But I'm wondering, isn't it considered common practice to restrict direct access to your view-files? If no, then why not?
#7

[eluser]helmutbjorg[/eluser]
Just stick the following line in the top of your view files:

Code:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

And to stop people browsing to the directoy simply place a index.html file in the views folder with the following code:

Code:
<html>
<head>
    <title>403 Forbidden</title>
</head>
<body>

<p>Directory access is forbidden.</p>

&lt;/body&gt;
&lt;/html&gt;




Theme © iAndrew 2016 - Forum software by © MyBB