我不想让人们直接去网页在AJAX目录，但他们仍然需要从他们的父页面提供服务。我已经试了无数的.htaccess线，但他们都从主网页阻止它。总结一下，我不希望人们能够在输入 http://www.mysite.com /AJAX/page1.html 和查看，但需要page1.html通过AJAX被带入它的父页面。

I don't want to allow people to go directly to the pages in the AJAX directory but they still need to be served from their parent page. I have tried numerous .htaccess lines but they all block it from the main page as well. to sum up, I dont want people to be able to type in http://www.mysite.com/AJAX/page1.html and view it but page1.html needs to be brought into its parent page via AJAX.

<LIMIT GET POST>
Order deny, allow
deny from all
</LIMIT>

阻止所有访问

blocks all access

你能定义父文件中的一个标志定义（IS_IN_SCRIPT'，1）; 并检查它的AJAX页面？将与AJAX页面或仅PHP的工作包括？

Can you define a flag in the parent file define('IS_IN_SCRIPT',1); and check for it in the AJAX pages? will that work with AJAX pages or only PHP includes?

推荐答案

确定Referer信息在PHP

检查 $ _ SERVER ['HTTP_REFERER'] 是您的域名（或可接受域的列表）

Check if $_SERVER['HTTP_REFERER'] is in your domain (or a list of acceptable domains)

那么，如果不是重定向。

Then redirect if not.

if (!empty($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], 'yourdomain.com') !== false) 
  { echo 'probably from your own site'; }