I have a php file that I include in my php script, but I don't want people to be able to directly run the file(without being included). How can I prevent that from happening?
Make the included scripts not accessible via HTTP at all. E.g. by protecting the subfolder or moving them above the document root.
If you cannot do that, define() something like IS_INCLUDED in your main script and exit; if this constant is not defined() in your included script.