允许页面仅加载iframe

Question

如何允许我的PHP文件只加载iframe？

例如:

• 防止直接访问: example.com/Loader.php
• 允许iframe访问权限: <iframe name="TEST" src="Example.com/Loader.php"></iframe>

Answer 1

你不会使用PHP.试试javascript.

if(window==window.top) {
    // not in an iframe
}

Answer 2

假设您的文件file1.php具有iframe内部和此iframe点file2.php

应该为文件file1.php的代码:

<iframe src="file2.php" width="500" height="100"></iframe>

file2.php文件的内容:

<?php
echo "This file exist in an iframe";
?>

所以让我们将file1.php更新为以下代码:

<?php
session_start();
$_SESSION['iframe'] = md5(time()."random sentence");
?>
<iframe src="file2.php?internal=<?php echo $_SESSION['iframe'];?>" width="500" height="100"></iframe>

并更新file2.php如下:

<?php
session_start();
if(!isset($_SESSION['iframe']) || !isset($_GET['internal']) || $_SESSION['iframe'] != $_GET['internal'])
    {
        die("This page can be accessed just from within an iframe");
    }
unset($_SESSION['iframe']);
//Continue processing using your own script
?>

试试这个并告诉我这是否有效:)