All geek questions in one place

No direct script access when using include

I have a CMS website with PHP support. I would like to include database.php in a PHP script. database.php is located in the config folder and contains information about db connections (pass, db_name, etc.).

Here is the script:

 <?php echo __DIR__ ."<br /><br />"; //make sure your assumptions on directories and path are correct for the //include below include '../application/config/database.php'; ?>

By running the script, I get this message:

/ Applications / XAMPP / xamppfiles / HTDOCS / tslocal / textbook_scripts

No direct access script.

The first line of database.php contains this line:

 <?php defined('SYSPATH') or die('No direct script access.');

I assume that the CMS somehow β€œprotected” the configuration file, which prevents me from including it. What is "No direct access to w373"? Google gives me many examples of people who want to add this functionality. I want to delete it. Possible? Probably? How to tell PHP so that I can access database.php?

+4
source share
2 answers

The main way to do this is somewhere in the application (before loading the .php database) there is a line that contains the lines:

 define( 'APPLICATION_LOADED', true );

The database.php file performs a check similar to the following:

 if( !defined('APPLICATION_LOADED') || !APPLICATION_LOADED ) { die( 'No direct script access.' ); }

Look in the database.php file and any files it contains to determine how it checks to see if the script has access or not. Then you can simulate the necessary conditions if you want to include this file in your script.

+5
source

I got this PHP error from the Codeigniter Email.php class called CI_Email:

 <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed'); class CI_Email { var $smtp_default_from = ''; var $smtp_default_name = ''; var $useragent = "CodeIgniter"; var $mailpath = "/usr/sbin/sendmail"; //more code omitted }

I tried to include this class directly as follows:

 <?php include("Email.php"); ?>

And when I run it, it says:

 No direct script access.

The PHP method "defined" checks if a given constant exists or is not defined.

So, for my specific class, it says that BASEPATH should be defined. Therefore, if you define it as follows:

 <?php define('BASEPATH', "foobar"); include("Email.php"); ?>

Then the error will no longer be selected. But then we need to ask ourselves why developers ask this particular restriction and what happens if we get around it.

+1
source

Source: https://habr.com/ru/post/1498417/

More articles:


All Articles