Hiding manager pages from frontend

460 Posts

hotdiggity Reply #1, 14 years, 11 months ago

I’m using this snippet of code to prevent manager pages from being accessed from the frontend:

<?php
if (realpath(__FILE__) == realpath($_SERVER['file_to_be_protected.php'])) {
exit('This file can not be accessed directly.');
}
if(IN_MANAGER_MODE!="true") die("Please use the MODx Manager.");
?>

While this works in one installation, it gives the following error in System Events:

Undefined index: file_to_be_protected.php

(Running: PHP Version 5.2.8)

In another installation when I insert it at the top of the page I get the following error on the page itself:

Error while inserting event log into database.

(Running: PHP Version 5.2.6)

...but no errors in the System Events log!

Mostly harmless.

460 Posts

hotdiggity Reply #2, 14 years, 11 months ago

This is an actual file on the server running within the modules section.

Mostly harmless.

956 Posts

ganeshXL Reply #3, 14 years, 11 months ago

Try changing the first line to:

if (realpath(__FILE__) == realpath($_SERVER['SCRIPT_FILENAME'])) {

Insert that in the file (script) you want to include, not in the modx module textarea.

http://www.fantastique.ch/
http://www.dnik.ch/
http://www.flickr.com/photos/dnik/

460 Posts

hotdiggity Reply #4, 14 years, 11 months ago

That’s it - thanks! embarrassed

Mostly harmless.