For now think that I get access to my very own server in order to write whatever index.html file I would like. Can you really only allow myself to call a single php script around the server. For instance basically possess the following scripts within the /var/www/ directory:


and that i need it to ensure that I'm able to do

<form action="login.php" method="post">...</form>

although not

<form action="blowUpAlderaan.php" method="post">...</form>

Note: this isn't specific to POST, it may be GET or xmlhttprequest.

The main reason I want the reason being I'm establishing an internet site in which the clients store their index.html page and php scripts by themselves unix account (around the server). To enable them to execute their php scripts using their own permissions, I'm using suPHP. I'm attempting to steer clear of the situation where user1 issues the next from inside their index.html page

<form action="user2/blowUpAlderaan.php" method="post">...</form>

plus they execute another person's function. If all demands experienced logn.php, I possibly could look into the user's account title/user id and make certain to simply invoke their script if they're indeed who owns that script.

Various solutions, based on what you require.

You could utilize ModRewrite to transmit all demands via a front-finish controller. Most Content management systems systems and frameworks work this way.

You can enable PHP just for specific sites.

I am not necessarily sure what you would like, it may sound as though person A ought to be permitted to carry out a given script, and person B should not. For the reason that situation you need to determine the way your webserver knows who's who.