Execute a PHP file with Cron ONLY

I've got a PHP script that needs to be executed once a day, at 3:05am Pacific time. I've currently got the script in the root of my site (as in, http://example.com/script.php), and as such, it's executable by anyone who navigates to it in their browser. My server is laid out like this:

/home/[user]/example.com/

Where the example.com folder is the root of that domain. I read the other thread about this:

PHP & cron: security issues

where it was said that I should move the script outside the public directory, so in my case I would move it to the [user] folder. Currently my Cron job command looks like this:

/usr/local/php5/bin/php /home/[user]/example.com/script.php

(I'm using pseudo-names of course.) Would I simply move the file and change the command to:

/usr/local/php5/bin/php /home/[user]/scr开发者_JAVA百科ipt.php

And it would run normally, yet be unavailable to the public? Since the script is already running through Cron, it's already set up using absolute paths (instead of relative ones) to the files that it needs to include, so this should be a simple move and edit, right?

You have several options:

• move that out of your web directory

• add some checking, eg:

  <?php
  
  if( ! isset($argv) )   
      die("cannot run!");
  

• check what mode your script run:

  $isCLI = ( php_sapi_name() == 'cli' );
  if( !$isCLI )
      die("cannot run!");
  

Can you tell us about the purpose of the script, if it's doing simple stuff for example mysql pruning:

5 3 * * * * root mysql -u username -e "UPDATE users SET days = days-1;"

might be better, similarly:

5 3 * * * * root /usr/local/php5/bin/php -r "$normal = 'php';code();$here"

may do the trick?

What I ended up doing was just moving it out of the public directory, into my home folder. CRON is still able to access and execute it from there. Thanks for the help guys.