This checks the name of the PHP file currently executing. If it is
crackme.php , then the program dies before it gets to important code,
because you didn't intend for anyone to execute this file on its own. If
it is included in some other PHP file, then the $PHP_SELF variable will be
something other than crackme.php, and the program will continue to
execute.
“include secure” makes use of the built-in PHP functions
eregi( ).
01<?php 02 03/* --- uncomment for deployment 04 05// exit script if own filename is in URL 06if(eregi(end(explode('/',__FILE__)), $_SERVER['PHP_SELF'])) 07 exit; 08 09--- */ 10 11// this is for demonstration only - use above line to protect your include scripts 12if(eregi('include-secure',$_SERVER['REQUEST_URI'])) 13echo'<p>this file is for inclusion only -> exit now</p>'; 14 15?>