I’m following this tutorial to create a safe login system. My folder logic is as follows:
/var/www/html/mysite/ # html folder is public (here goes index.php, etc) /var/www/includes/ # includes is hidden (login details, etc) /var/www/js/ # js is also hidden, as stated on the tutorial
When I say “as stated on the tutorial”, I refer to this passage:
Store your copy of this file in a directory called “js”, off the root directory of the application.
Did I interpret it right? Should js folder be inside html, instead of www? What’s the difference? In my code, I have lines like:
include_once '../../includes/db_connect.php'; include_once '../../includes/functions.php';
and
<script type="text/JavaScript" src="../../js/sha512.js"></script> <script type="text/JavaScript" src="../../js/forms.js"></script>
While the php includes work nice, the javascript ones don’t. Firefox inspector is complaining:
GET http://localhost/js/sha512.js [HTTP/1.1 404 Not Found 0ms]
Why is it considering that my js folder is inside html folder, and not where I’m telling it?
Advertisement
Answer
If the www folder is the root directory (i.e. the folder used for http://your-url/) then you can do the following:
<script src="/js/sha512.js"></script> <script src="/js/forms.js"></script>
The leading / says “start at the root of the website”.
If the html folder is your root directory, you’ll need to move the js folder into the html folder – and you can still use the script tags shown above.
JavaScript files are requested by the browser, and the folders outside the root of your website are forbidden to the general public. Your PHP files are loaded on the server, which means you are able to see files the general public does not have access to.