Okay, here's a tutorial on how you can prevent people from directly accessing certain PHP files. 
Useful for methods like require_once and include()
Let's start out basic with a template. It's always good to have a template. Doing things in a structured way is always good. I had a lot of success doing thing structurally. 
<?php
/* Codes go here */
?>
Okay, let's put some HTML content the person would get if they were to approach this site directly.
<?php
echo "<b>404 Error - File Not Found.</b>";
?>
Yes, you can modify the message. That's not a big deal.
So now we need to do a condition with an 'if' statement to secure it. To do this, we would just ask if a variable is defined. If not, then display that message. The key to this is that the variable shouldn't be defined.
if (!defined("RAWRZ")){
echo "<b>404 Error - File Not Found.</b>";
}
else {
/* PHP codes here */
}
Okay, now it's protected from direct access. This is useful to prevent people from accessing your include() and require(). Just make sure that before you include() or require() the page, you define the variable, which in this case is RAWRZ.
Example: (take the top php file to be called rawrz.php and this file, which includes rawrz.php to be called rawr.php)
<?php
define ("RAWRZ", true);
include("rawrz.php");
?>
Hope this helps. If anything isn't clear, let me know.
Enjoy ^_^
"The competent programmer is fully aware of the limited size of his own skull. He therefore approaches his task with full humility, and avoids clever tricks like the plague."
"Program testing can be used to show the presence of bugs, but never to show their absence!"
"APL is a mistake, carried through to perfection. It is the language of the future for the programming techniques of the past: it creates a new generation of coding bums."
