Hi,

I have created an pure OOP e-commerce web site with PHP. I want to make sure that my class files cannot be seen or downloaded by anyone. What do i do now? Other files html, css, js can be seen, no problem. My hosting company provides me a folder called "htdocs" to put my files. Do you think i should have an additional secured folder for my class files?

db.class.php
processes.class.php
other.class.php

In my pages i do require_once for 3 of my classes.

Thanks

The files you require don't have to be in the htdocs folder, they can be anywhere on the filesystem. Only files that you want people to access should be in htdocs. So good practice is to put them in a semantically divided folder layout below htdocs, ie.,

/
  /webroot
    /htdocs
    /lib
      /db
        db.class.php
      /util
        processes.class.php
        other.class.php

Then you would just use an absolute path like /webroot/lib/db/db.class.php

i agree with shawn

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.