Home/ Questions/Q 7190913
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-28T19:37:06+00:00

I am trying to hide my websites cms application… So i thought i would

  • 0

I am trying to hide my websites cms application…

So i thought i would add a bit of php to any random page on my site, that includes a GET referance to some random string… So basically, if you go to x page, and add ?RANDOMSTRING the cms index is included. This is stored above the web root… Here is the peice of php:

if (isset($_GET['J7sd-H3sc9-As3R']))
{
require_once($docRoot . '/../../includes/admin/index.php');
}

Basically, index.php is laid out as a page with 3 fieldsets. In the 3 field sets are various links relating to various applications that deal with various tasks. They were accessed through the same means as the above code. And they were held in the web root and were able to be accessed via http…

That all worked perfectly fine, But the problem now comes when i try to access any specific part of the cms…so what would have been:

http://www.mysite.com/admin/part/

is now:

include($_SERVER['DOCUMENT_ROOT'] . '/../../includes/admin/part/index.php');

Or something of the sort…

So now when i go to my page at

http://www.mysite.com/randomDirectory/

and add:

http://www.mysite.com/randomDirectory/?J7sd-H3sc9-As3R

I get sent to my cms… Cool… But when i try to click on any section i get this header:

http://www.mysite.com/randomDirectory/?part

and the page gets refreshed to:

http://www.mysite.com/randomDirectory/

If that makes sense…

Could any provide me with any input or suggestions regarding the task that i am trying to accomplish? I am not sure if it is even possible to start off with, but it seems simple enough.

Any replies would be greatly appreciated, Thanks!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I guess you should append at the end of every link in your page something like

    <?php if (isset($_GET['J7sd-H3sc9-As3R'])) echo '?J7sd-H3sc9-As3R'; ?>

    Example:

    http://www.mysite.com/randomDirectory/randomPage<?php if (isset($_GET['J7sd-H3sc9-As3R'])) echo '?J7sd-H3sc9-As3R'; ?>

    edit

    An easier way to do this would be to use sessions, in this way:

    <?php

session_start();

if (isset($_GET['J7sd-H3sc9-As3R']))
{
    $_SESSION['token'] = 'J7sd-H3sc9-As3R';
}

if (!isset($_SESSION['token']) || $_SESSION['token'] !== 'J7sd-H3sc9-As3R')
{
    exit;
}

// go on with your page

?>

    In this way, when you open a page with your token in the url, the session is started and the token is saved in the session, so it should work without the need to insert the token in every url until you close your browser.

    • 0