php [if (!defined('ABSPATH'))] 是什么意思
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/43212340/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
What is meant by [if ( ! defined( 'ABSPATH' ) )]
提问by Craig
I am currently building a WordPress Theme from scratch, as a means to 'learn on the job'. I have moderate experience with backend work, though I have been heavily reliant of PageBuilders in the past. I now wish to create a Theme without any Pagebuilders as a means to increase its Load Speed etc.
我目前正在从头开始构建 WordPress 主题,作为“在工作中学习”的一种方式。我对后端工作有一定的经验,尽管我过去一直严重依赖 PageBuilders。我现在希望创建一个没有任何页面构建器的主题,作为提高其加载速度等的手段。
For now, I am currently looking at security for website files and came across the following term:
目前,我目前正在研究网站文件的安全性并遇到以下术语:
<?php
if ( ! defined( 'ABSPATH' ) ) {
exit; // Exit if accessed directly
}
?>
I am of the understanding that this would prevent direct access to the web files. I am not entirely sure what is meant by this. For example, I could still access the file(s) via FTP, through the Server and via the WordPress Dashboard. Is there some other direct access that this prevents? Maybe preventing access via WordPress Plugins etc?
我的理解是,这会阻止直接访问 Web 文件。我不完全确定这是什么意思。例如,我仍然可以通过 FTP、服务器和 WordPress 仪表板访问文件。是否有其他一些直接访问可以阻止?也许阻止通过 WordPress 插件等访问?
With this in mind, would I be right to assume that the above code should be placed on every file within the theme as standard? Would there be any exceptions?
考虑到这一点,我是否正确地假设上述代码应该作为标准放置在主题中的每个文件上?会有什么例外吗?
Any further explanation on this, would be greatly appreciated.
对此的任何进一步解释,将不胜感激。
回答by devsam247
It prevent public user to directly access your .php files through URL. Because if your file contains some I/O operations it can eventually be triggered (by an attacker) and this might cause unexpected behavior.
它防止公共用户通过 URL 直接访问您的 .php 文件。因为如果您的文件包含一些 I/O 操作,它最终可能会被(由攻击者)触发,这可能会导致意外行为。
So, Using the snippets can prevent access from your files (directly) and ensures that your Theme files will be executed within the WordPress environment only.
因此,使用代码段可以防止(直接)访问您的文件,并确保您的主题文件仅在 WordPress 环境中执行。
Usage:
用法:
- It can be placed at the top of any of your PHP files (theme & plugin)
- It can be placed at the top of your wp-config.php
- 它可以放在任何 PHP 文件(主题和插件)的顶部
- 它可以放在你的 wp-config.php 的顶部
Hope it helps
希望能帮助到你
回答by Thiago Santos
ABSPATHis a PHP constantdefined by WordPress at the bottomof wp-config.php:
ABSPATH为PHP恒定在由WordPress限定底部的wp-config.php:
/* That's all, stop editing! Happy blogging. */
/** Absolute path to the WordPress directory. */
if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');
As you can see on the comment block above, WordPress does not recommend to modify these lines of code- probably because many plugins and themes rely on ABSPATHto verify if their PHP files are being executed within the WordPress environment.
正如您在上面的注释块中看到的那样,WordPress 不建议修改这些代码行- 可能是因为许多插件和主题依赖于ABSPATH验证它们的 PHP 文件是否在 WordPress 环境中执行。
If you use this snippet at the top of your wp-config.phpfile, you will terminate the execution of the wp-config.php, because ABSPATHhas not been defined yet at that point. And other files that depend on wp-config.phpwill fail (i.e. you will break your website).
如果您在wp-config.php文件顶部使用此代码段,您将终止 的执行wp-config.php,因为此时ABSPATH尚未定义。而其他依赖的文件wp-config.php将失败(即您将破坏您的网站)。
if ( ! defined( 'MY_CONSTANT' ) ) { exit; }is a snippet widely used by PHP files of plugins and themes only by convention. In theory, it means you can add your own constant at the bottom of your wp-config.php, and you will get the same practical result.
if ( ! defined( 'MY_CONSTANT' ) ) { exit; }是仅按惯例被插件和主题的 PHP 文件广泛使用的片段。理论上,这意味着你可以在你的底部添加你自己的常量wp-config.php,你会得到同样的实际结果。
Your wp-config.php:
你的wp-config.php:
if ( !defined('MY_CONSTANT') )
define('MY_CONSTANT', 'fool');
Your theme or plugin file:
您的主题或插件文件:
<?php
if ( ! defined( 'MY_CONSTANT' ) ) {
exit; // Exit if accessed directly
}
More Info
更多信息
Defining a constant in PHP: http://php.net/manual/en/language.constants.syntax.php
在 PHP 中定义一个常量:http: //php.net/manual/en/language.constants.syntax.php
PHP magic constants: http://php.net/manual/en/language.constants.predefined.php
PHP 魔法常量:http: //php.net/manual/en/language.constants.predefined.php
