block loading include files directly

2024-11-23 23:20:57 +01:00 · 2011-04-13 22:21:07 +10:00 · 2011-04-13 22:21:07 +10:00 · b895102563
commit b895102563
parent a9bdc6eeb7
7 changed files with 40 additions and 5 deletions
--- a/inc/config.php
+++ b/inc/config.php
@ -588,4 +588,10 @@
 	
 	// Link imageboard to your Google Analytics account to track users and provide marketing insights.
 	// $config['google_analytics'] = 'UA-xxxxxxx-yy';
+	
+	if($_SERVER['SCRIPT_FILENAME'] == str_replace('\\', '/', __FILE__)) {
+		// You cannot request this file directly.
+		header('Location: ../', true, 302);
+		exit;
+	}
 ?>
--- a/inc/database.php
+++ b/inc/database.php
@ -1,4 +1,9 @@
 <?php
+	if($_SERVER['SCRIPT_FILENAME'] == str_replace('\\', '/', __FILE__)) {
+		// You cannot request this file directly.
+		header('Location: ../', true, 302);
+		exit;
+	}
 	
 	function sql_open() {
 		global $pdo, $config;
--- a/inc/display.php
+++ b/inc/display.php
@ -1,4 +1,10 @@
 <?php
+	if($_SERVER['SCRIPT_FILENAME'] == str_replace('\\', '/', __FILE__)) {
+		// You cannot request this file directly.
+		header('Location: ../', true, 302);
+		exit;
+	}
+	
 	/*
 		Stuff to help with the display.
 	*/
--- a/inc/functions.php
+++ b/inc/functions.php
@ -1,4 +1,10 @@
 <?php
+	if($_SERVER['SCRIPT_FILENAME'] == str_replace('\\', '/', __FILE__)) {
+		// You cannot request this file directly.
+		header('Location: ../', true, 302);
+		exit;
+	}
+	
 	loadConfig();
 	
 	function loadConfig() {
--- a/inc/mod.php
+++ b/inc/mod.php
@ -1,5 +1,10 @@
 <?php
-		
+	if($_SERVER['SCRIPT_FILENAME'] == str_replace('\\', '/', __FILE__)) {
+		// You cannot request this file directly.
+		header('Location: ../', true, 302);
+		exit;
+	}
+	
 	// Creates a small random string for validating moderators' cookies
 	function mkhash($length=12) {
 		// The method here isn't really important,
--- a/inc/template.php
+++ b/inc/template.php
@ -1,8 +1,9 @@
 <?php
-	
-	// PHP Template Preprocessor by Savetheinternet
-	// http://codecanyon.net/user/Savetheinternet
-	// savetheinternet@n0v4.com
+	if($_SERVER['SCRIPT_FILENAME'] == str_replace('\\', '/', __FILE__)) {
+		// You cannot request this file directly.
+		header('Location: ../', true, 302);
+		exit;
+	}
 	
 	// -----------------------------------------------------
 	// Standard configuration
--- a/inc/user.php
+++ b/inc/user.php
@ -1,4 +1,10 @@
 <?php
+	if($_SERVER['SCRIPT_FILENAME'] == str_replace('\\', '/', __FILE__)) {
+		// You cannot request this file directly.
+		header('Location: ../', true, 302);
+		exit;
+	}
+	
 	// 'false' means that the user is not logged in as a moderator
 	$mod = false;