Nov 18, 2006
Im sure someone can tell me the answer to this.

Is there a way to set up the permissions in the File manager, to where a viewer can not see the content on the page, but where it is used as a script still works, and if so, how?


Im working on a shoutbox program powered by javascript, php, and my sql; i dont want hacking (not file hacking, user hacking), so i need to hide the content! :S

more of an explination of my shoutbox:

Im working on a shoutbox program for IPB 1.3 boards.
Curently i am working on the guest portion, and its going very well. I just need to get the shouting fixed and i can move onto the emotes and bb code for guests.
In the file, it shows all of the javascript coding along with php aditions (connecting to the database and gathering information.)


Nov 17, 2006
I assume from your question that you want a php script to be able to read/write to a content file but prevent apache from viewing the file.

If you are running the php script as a cgi the script process is running as it's owner. Since the script and the content file share the same owner, give the content file only 600 permissions. Since the apache process is running as nobody instead of that shared owner it will not have permission to read the file.

If you are not running the php script as a cgi I'm not familiar enough with cPanel to know for certain what group apache is running under. If apache is running under a different group than the script and the content file has, then 660 would be a workable permission. Try that permission if 600 does not get the results you want.