Loading ...
Sorry, an error occurred while loading the content.

7087Re: [NH] Need help with path for PHP incude

Expand Messages
  • rhorbas@gmx.net
    Mar 6, 2012
    • 0 Attachment
      Mike Breiding wrote:
      > On 3/6/2012 5:01 PM, rhorbas@... wrote:
      >> Mike Breiding - Morgantown WV schrieb am 07.03.2012 00:54:
      >>> On 3/6/2012 4:42 PM, Rudolf Horbas wrote:
      >>>> <?php include $_SERVER['DOCUMENT_ROOT'] .
      >>>> '/2011/mtown2gv_nov_2011_p1/w1navigation.php'; ?>
      >>>> should do it. HTH, Rudi
      >
      >>> That did it!
      >> Great!
      >>
      >>> Have you any input on the use of a specific path:
      >>> http://epicroadtrips.us/2011/mtown2gv_nov_2011_p1/w1navigation.php
      >>
      >> What exactly do you mean?
      >
      > You answered that here:
      >
      >> Yes, you can. Not only will this fail in certain configs
      >> (allow_url_fopen, allow_url_include): There's no point using a slow http
      >> request via the network when the file is on the same disk.
      >> Use an absolute path instead, and prepend it with the server var
      >> DOCUMENT_ROOT:
      >>
      >> <?php
      >> include $_SERVER['DOCUMENT_ROOT'] .
      >> '/2011/mtown2gv_nov_2011_p1/w1navigation.php';
      >> ?>

      That's basically the same -- I'm just elaborating on this specific
      method of inclusion, because it's rather failsafe.

      Inclusion of files via http is definitely slower and completely
      unnecessary here, because php is allowed to get the file via it's own
      disk system.
      Getting the file via http has other disadvantages: It's being processed
      by php first, so any *php* code in the file is not available to the
      files including it, unless it generates php code itself, which would be
      really awkward.
      In other contexts, where you don't have complete control over the
      included file's contents, it's even a dangerous idea: Any generated php
      code in the file is being executed in the server's context, so it would
      be easy to insert malicious code. That's why many server configurations
      will have disabled it by default.

      So in a nutshell:

      Never use this method, unless you have very specific reasons to do so.

      Relative paths ("../../path/to/include.php") will get you there, albeit
      it takes some experience to find the correct path.

      Absolute paths with the server's document root (that's where the files
      are stored that are accessible via a browser) as a variable will almost
      always work.

      Rudi
    • Show all 25 messages in this topic