What is the point of this constant in Kohana?

About

Asked 12/11, 2010 at 0:55 Answered 12/11, 2010 at 10:11

In Kohana's core class, there is a constant FILE_SECURITY.

string(60) "<?php defined('SYSPATH') or die('No direct script access.');"

Now obviously if you place this at the start of your files, and if it is accessed outside of the Kohana environment, it will die().

But what is the purpose of this constant? We can't eval() it because it has a leading <?php.

Does Kohana create PHP files somewhere and uses it to prepend it to the start of the file?

Landman answered 12/11, 2010 at 0:55 Comment(2)

+1 from someone who doesn't use Kohana but is interested in it's developemnt/design – Disjointed 12/11, 2010 at 0:57

eval won't matter, the constant SYSPATH will still be found undefined and result into die – Vignette 12/11, 2010 at 0:58

The Kohana_Log_File::write function uses the constant:

// Set the name of the log file
$filename = $directory.date('d').EXT;

if ( ! file_exists($filename))
{
    // Create the log file
    file_put_contents($filename, Kohana::FILE_SECURITY.' ?>'.PHP_EOL);

    // Allow anyone to write to log files
    chmod($filename, 0666);
}

Looks like it's inserted into a log to stop it from being read from a public URL.

Indention answered 12/11, 2010 at 1:2 Comment(2)

Googled the constant name, went to the API docs and read the write function. – Indention 12/11, 2010 at 1:3

Yeah, I just tried that. Don't know why I didn't think of that actually - or searched on GitHub. – Landman 12/11, 2010 at 1:4

Also you can use this constant while autogenerating your custom files, like configs (possible in installation apps?).

Wristband answered 12/11, 2010 at 10:11 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags