I am using an eclass platform on Xampp. When you go directly to a file like www.domain.com/eclass/document.php and not follow the through-the-site navigation you get this.
What info can be extracted by a user, how to avoid it and how much is this harmful to the system ?
1146: Table 'eclass.accueil' doesn't exist
select `id` from accueil
where visible=1 AND lien NOT LIKE '%/user.php'
ORDER BY rubrique
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\xampp\htdocs\eclass\include\init.php on line 310
Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\eclass\include\lib\main.lib.php:61) in C:\xampp\htdocs\eclass\include\baseTheme.php on line 60
Apart from what others have already mentioned:
You could check if the visitor is making a direct request of the file, or if he is accessing it "the normal way." Include some form of authorisation in all your php files. Redirect users to main page if they are not authorised.
You could use .htaccess to protect files from direct access