I was reading some WordPress PHP code on GitHub, and I found that the author (a senior WordPress developer) put this line of code at the top of each file:
defined('ABSPATH') or die("Cannot access pages directly.");
How does this protect the file from direct access? Could a hacker determine the ABSPATH constant and then download the file?
Also, why is direct access dangerous?
This constant is probably set in the main WordPress PHP file, so if it is not set, you will not get access to the main page.
Constants - , , PHP. , , , PHP.
( ), . WordPress () , WordPress.
, index.php., ABSPATH, .URL-..
, .
, ( , ip , )
, , someare ( )
- - , , (-, , ).
, , , ..