1 00:00:00,000 --> 00:00:00,160 2 00:00:00,160 --> 00:00:02,100 >> DAVID MALAN: Let's improve the course's homepage a little bit 3 00:00:02,100 --> 00:00:04,480 further, this time for security reasons. 4 00:00:04,480 --> 00:00:08,330 Thus far, all of our files, whether meant to be visited by a user directly 5 00:00:08,330 --> 00:00:12,740 in a browser via specific URL or whether meant to be included, as with 6 00:00:12,740 --> 00:00:17,030 PHP's function require, everything has ultimately been inside of the same 7 00:00:17,030 --> 00:00:18,340 public directory. 8 00:00:18,340 --> 00:00:22,530 Of course if the user doesn't need to ever see header.php directly or 9 00:00:22,530 --> 00:00:27,420 footer.php directly, let alone helpers.php directly, we might as well 10 00:00:27,420 --> 00:00:32,400 put all such files inside of their own subdirectory that is not publicly 11 00:00:32,400 --> 00:00:33,390 accessible. 12 00:00:33,390 --> 00:00:36,000 >> To do this, allow me to propose the following. 13 00:00:36,000 --> 00:00:41,020 Inside of our vhost directory's local host directory, let's now have the 14 00:00:41,020 --> 00:00:42,690 following folders-- 15 00:00:42,690 --> 00:00:47,580 includes, which will contain files like helpers.php; public, which will 16 00:00:47,580 --> 00:00:51,780 contain what we'll start calling our controllers, like index.php, 17 00:00:51,780 --> 00:00:56,960 lecturers.php, week0.php, and week1.php; and then in templates will 18 00:00:56,960 --> 00:01:00,470 be header.php and footer.php. 19 00:01:00,470 --> 00:01:03,630 So the only thing I've really done here is to move outside of my public 20 00:01:03,630 --> 00:01:07,850 directory my includes directory and my templates directory so that if we now 21 00:01:07,850 --> 00:01:10,795 look at a hierarchical listing, we should see now this. 22 00:01:10,795 --> 00:01:13,600 23 00:01:13,600 --> 00:01:17,490 >> Indeed, first we have an includes directory, inside of which is 24 00:01:17,490 --> 00:01:19,030 helpers.php. 25 00:01:19,030 --> 00:01:22,590 Then we have a public directory, inside of which is index.php, 26 00:01:22,590 --> 00:01:26,580 lectures.php, week0.php, and week1.php. 27 00:01:26,580 --> 00:01:29,600 And finally-- a directory called templates, inside of which is 28 00:01:29,600 --> 00:01:32,390 footer.php and header.php. 29 00:01:32,390 --> 00:01:37,830 Now even a user knows that helpers.php exists or header.php exists or 30 00:01:37,830 --> 00:01:42,260 footer.php exists or some other file that might very well contain something 31 00:01:42,260 --> 00:01:46,360 private, like a username or password, he or she cannot get at that file, 32 00:01:46,360 --> 00:01:50,740 because it's no longer web accessible because those files are no longer in 33 00:01:50,740 --> 00:01:51,990 my public directory. 34 00:01:51,990 --> 00:01:53,302