Last active
August 23, 2024 15:22
-
-
Save emre-edu-tech/f9687ec1d7e121122680fc9603629147 to your computer and use it in GitHub Desktop.
Simple Wordpress Plugin and Theme security measures using ABSPATH constant and built-in add_action() function.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| * ABSPATH is a constant in WordPress that stores the absolute path to the WordPress installation directory on the server. | |
| * It is defined in the core wp-config.php file like this: | |
| */ | |
| define('ABSPATH', dirname(__FILE__) . '/'); | |
| /* | |
| * PURPOSE OF THE ABSPATH CHECK | |
| * This check below guarantees that no one from outside of the WordPress installation should access this file directly. | |
| * If this constant is defined, then we are inside of WordPress and it can be counted as we are in a safe position. | |
| * Note: The check for the ABSPATH if it is defined or not, is placed at the top of the PHP files in WordPress plugins or themes | |
| * like this: | |
| */ | |
| if(!defined('ABSPATH')) { | |
| die('This file should not be accessed outside of WordPress!'); | |
| } | |
| /* | |
| * Another check can be done using WordPress-specific function called 'add_action()', if this function does not exist, then | |
| * Wordpress was not initialized. | |
| */ | |
| if(!function_exists('add_action') { | |
| die('This file should not be accessed outside of WordPress!'); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment