I've been developing a simple SQL database accessed using PHP. My problem is that I need to prevent users accessing particular files (.htm and .swf) directly using a browser. To this end, I have used an INCLUDE command to call the relevant file(s) from inside the PHP. However, no matter what way I try to set-up the access permissions on the directories involved, I am left with either a totally non-secure directory, or one that I can neither view by browser or via PHP. Can anyone offer any help on this subject? I'm tearing my hair out!