Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
1.6k views
in Technique[技术] by (71.8m points)

php - stop direct access (.htaccess) and allow ajax request to subfolder

I am trying to stop direct access to a subdirectories and the php files within subdirectories. I've added the following code below to the .htaccess file within the subdirectories, however now the AJAX request are not working.

How can I stop access to www.example.com/subdir, but allow jQuery load & ajax functions to work?

Options -Indexes
order   allow,deny
deny    from all

Thank You

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

I would put apache directives aside, and -perhaps- focus on a php-based solution:

  1. Make sure your file containing the jquery ajax call has a ".php" extension. (of course inside that file, all jquery must be contained within <script> and </script> tags.

  2. Inside your jquery function just before the ajax call, type that:

    <?php $_SESSION["allow"] = "granted" ?>

    (php tags run even if they are contained in "script" tags)

  3. Open your ajax (php) file and at the very top type this:

<?php
 session_start();
 if((!isset($_SESSION['allow'])) && ($_SESSION['allow']!="granted")){die();}else
 unset($_SESSION['allow']);

 (...rest of your php code here...)

?>

... and you are Done!

P.S. Naturally, you may (or better: should) rename the sessions and give them different or more complex values, but I was just trying to point out the basic idea... Happy coding!


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...