Solved

Post to page above wwwroot directory

Posted on 2009-04-14
3
290 Views
Last Modified: 2013-12-13
Hello,

I have created a php page that I would like to POST to a second php script that lives above the root web directory for security reasons. The page living above web root will then interface with a db file and redirect back to a final landing page. However upon submitting the form, a 404 error is displayed and I notice the url shows as looking for the second script page under web root. This sort of thing works on the old non php hosted website so what am I missing? Worth noting is that on both sites I have ftp access to the above web root directories.
0
Comment
Question by:bnrtech
  • 2
3 Comments
 
LVL 34

Accepted Solution

by:
Beverley Portlock earned 500 total points
ID: 24140619
I presume you are attempting to send Apache to this external page via a form action or a header directive?

The only effective way to do this is to "include" or "require" the page outside the web directory into a script that is accessible within the web root. Let us say that "outside.php" is outside the webroot and "inside.php" is inside it then something like this

// inside.php
//
if ( isset( $_POST['submit'] ) ) {
   
    include "outside.php";

}

<form action='inside.php' method='post'>
..... code
<input name='submit' type='submit' value='Do something' />
</form>
0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 24140635
" This sort of thing works on the old non php hosted website so what am I missing? "

I forgot to comment on this. It could be that the old site "included" the external folder via a symbolic link or that the webroot was higher up than you thought. It sounds like security is better on your new server.
0
 

Author Closing Comment

by:bnrtech
ID: 31569939
Works like a charm and security is intact, thanks!
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now