Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I’m making a script that lets my users open the page, vote for our site, and then get a password to some restricted content on the site. However, I plan on storing the password in a file outside public_html so it cannot be read directly from the source code.
Is there any way to do an AJAX call to a file above public_html? I don’t want to AJAX to a file inside public_html that will read the file, it’ll just defeat the purpose.
Not directly, no. And, frankly, thank goodness for that (since js is executed client-side, and the client should never have access to the web-server above
public_html).You can, however, use Ajax to call a php script inside the web root that has access to documents outside of the web-root. This way you’re still keeping the password out of public reach, but still allowing your users to make use of it.
The down-side is that the password might make it to the client-side in the Ajax call (depending on what your Ajax call does). Basically, if JS can get access to the password then so can any interested user.