在使用phpcms在网站部署中,考虑网站的安全性问题,可以将phpcms网站主程序与WEB目录分离,使主程序在网站目录之外,避免从URL直接访问脚本,从而提高网站的安全性。 phpcms网站主程序与网站目录分离分离方法步骤如下:
1.将PHPCMS V9中程序主框架目录phpcms移动至web目录之外
如图:
define('PHPCMS_PATH', dirname(__FILE__).DIRECTORY_SEPARATOR);
include '../phpcms/base.php';
pc_base::creat_app();
include '../phpcms/base.php';
pc_base::creat_app();
define('PHPCMS_PATH', dirname(__FILE__).DIRECTORY_SEPARATOR);
include '../phpcms/base.php';
$param = pc_base::load_sys_class('param');
$op = isset($_GET['op']) && trim($_GET['op']) ? trim($_GET['op']) : exit('Operation can not be empty');
if (!preg_match('/([^a-z_]+)/i',$op) && file_exists(PHPCMS_PATH.'api/'.$op.'.php')) {
include PHPCMS_PATH.'api/'.$op.'.php';
} else {
exit('API handler does not exist');
}
include '../phpcms/base.php';
$param = pc_base::load_sys_class('param');
$op = isset($_GET['op']) && trim($_GET['op']) ? trim($_GET['op']) : exit('Operation can not be empty');
if (!preg_match('/([^a-z_]+)/i',$op) && file_exists(PHPCMS_PATH.'api/'.$op.'.php')) {
include PHPCMS_PATH.'api/'.$op.'.php';
} else {
exit('API handler does not exist');
}
转载请注明来源网址:青锋建站-http://www.sjzphp.com/webdis/phpcms_dir_515.html
