PHP Includes

software development

#1

Hi all,
Is there a default folder I should be using for include files (php)?
At the moment I’m sticking them 1 level above the document root and calling them with 'require_once(…/folder/file.php). This will get messy when I start doing something like …/…/…/folder/file.php as I drill down within the site.

Is there a way to have ‘folder’ in the include path?
Do we have a personal php.ini file?
How do you all handle this?

phpinfo() shows a path of .:/usr/local/php5/lib/php. Obvious not the place to put them even if I had access.

As you can tell I’m a newbie at this. Any php I’ve done has been done locally. First time using an actual host.

thanks,


Mark


#2

When doing PHP includes, your best bet is to put all the files you want to include in the same folder. For example, http://example.com/includes/. Then you can perform the include by using the DOCUMENT_ROOT environment variable:

<?php include($_SERVER['DOCUMENT_ROOT']."/includes/file.php"; ?>That is functionally equivalent to:

<?php include("/home/username/domain.com/includes/file.php"; ?>--------
Simon Jessey | Keystone Websites
Save $97 on yearly plans with promo code [color=#CC0000]SCJESSEY97[/color]


#3

Thanks Simon,

the only issue with this is if someone types www.example.com/includes they get a listing of all the include files!! Which is no good if there’s sensitive info in there. I realise I can call the folder ‘fdg@321’ for eg instead of ‘includes’ and that I can stick an index.php that redirects the user away from the includes folder, but apparently (or so I’ve heard/read) it’s ‘safer’ to have the includes folder outside the document root and was just wondering if that’s possible on DreamHost? Am I being paranoid?

thanks,


Mark


#4

You can prevent directory listing by creating an .htaccess file containing the following line:

Options -IndexesPut that in the directory you are trying to protect. If you put it in your root directory, it will protect ALL directories.


Simon Jessey | Keystone Websites
Save $97 on yearly plans with promo code [color=#CC0000]SCJESSEY97[/color]


#5

You can set the include path at runtime. Have a look at

http://uk.php.net/manual/en/function.set-include-path.php


#6

[quote]You can set the include path at runtime. Have a look at

http://uk.php.net/manual/en/function.set-include-path.php[/quote]
As far as I know, that doesn’t work when PHP is running as a CGI application.


Simon Jessey | Keystone Websites
Save $97 on yearly plans with promo code [color=#CC0000]SCJESSEY97[/color]


#7

That option works with PHP CGI. It’s the php_value option that does not.


yerba# rm -rf /etc
yerba#


#8

And if all else fails, you can always use ini_set() under either mod_php or PHP-CGI.


If you want useful replies, ask smart questions.