In Kohana's core class, there is a constant FILE_SECURITY.
string(60) "<?php defined('SYSPATH') or die('No direct script access.');"
Now obviously if you place this at the start of your f开发者_开发问答iles, and if it is accessed outside of the Kohana environment, it will die().
But what is the purpose of this constant? We can't eval() it because it has a leading <?php.
Does Kohana create PHP files somewhere and uses it to prepend it to the start of the file?
The Kohana_Log_File::write function uses the constant:
// Set the name of the log file
$filename = $directory.date('d').EXT;
if ( ! file_exists($filename))
{
// Create the log file
file_put_contents($filename, Kohana::FILE_SECURITY.' ?>'.PHP_EOL);
// Allow anyone to write to log files
chmod($filename, 0666);
}
Looks like it's inserted into a log to stop it from being read from a public URL.
Also you can use this constant while autogenerating your custom files, like configs (possible in installation apps?).
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论