Re: [PHP] including files outside of document root

2008-01-24 Thread Jason Pruim


On Jan 23, 2008, at 4:43 PM, Daniel Brown wrote:


On Jan 23, 2008 4:19 PM, Jason Pruim [EMAIL PROTECTED] wrote:

Okay, so I have this mostly working now! if I put my
ini_set('include_path', 'blah/to/balh'); on each and every page. I
know I could include a file that is in the document root which
specified that, but I was wondering if I was missing something?
Obviously other than changing the php.ini file?


   You do know you can set overrides for PHP in .htaccess, or even
have a whole php.ini file in the directory in which you're working,
right?


Holy frickin' crap I had never even thought about it, but it works  
great! it also helps to make the app more portable because I can set  
the include path in there so that they don't have to change it


You just made my life so much earlier! Thank you!





   You can either set `php_value include_path path/to/blah` in
.htaccess (without the backticks, of course), or you can place a
php.ini file in the same directory as the files to override the values
(if they're INI_PERDIR or similar, anyway).

--
/Dan

Daniel P. Brown
Senior Unix Geek and #1 Rated Year's Coolest Guy By Self Since
Nineteen-Seventy-[mumble].



--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424
www.raoset.com
[EMAIL PROTECTED]

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



Re: [PHP] including files outside of document root

2008-01-24 Thread Daniel Brown
On Jan 24, 2008 1:05 PM, Jason Pruim [EMAIL PROTECTED] wrote:

 You just made my life so much earlier! Thank you!

Yes, you guessed it.  I am your father.

-- 
/Dan

Daniel P. Brown
Senior Unix Geek and #1 Rated Year's Coolest Guy By Self Since
Nineteen-Seventy-[mumble].




Re: [PHP] including files outside of document root

2008-01-23 Thread Jason Pruim


On Jan 22, 2008, at 3:57 PM, Jason Pruim wrote:


Hi everyone,

Been doing some reading on security and have decided that I should  
be storing my include files outside of the document root... Which I  
understand how to do it, but what I'm wondering, is say I write the  
Next Killer App (tm). How would I port that code easily off of my  
server and put it into a downloadable file for the millions of  
people who will download and run  the Next Killer App (tm)?


Err... That doesn't make it very clear...  Is there a program for  
Macintosh or Unix that I could use to grab all the source code from  
where ever I have it set? Or would I need to make my own? Or should  
I just quit being lazy and grab it my self? :)



Yes I know I'm answering my own post... :)

Thanks for all the suggestions that I received! It's helped me figure  
out some of the stuff, and now I just need a project to test some of  
the stuff with!


Oh, and for an IDE I discovered that Apple XCode works very well as a  
php editor and file management system. Looks like it will work  
perfectly!


I do have 2 questions though...

#1.	 When including files outside of the webroot do you need to
specify the entire path? Like for me, that would be something like:
/volumes/raider/webserver/includes/projectname/includeme.php or can I
just stop at: /webserver/includes/projectname/includeme.php?


#2.	Anyone got any small programming jobs that I can hone my skills
with? :) You know, the kind of projects that you gurus don't want to
do because you're too busy writing the Next Killer App (tm) but would
be perfect learning experience/easy way to put some cash in the
pocket? :)



--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424
www.raoset.com
[EMAIL PROTECTED]




Re: [PHP] including files outside of document root

2008-01-23 Thread Thijs Lensselink

Quoting Jason Pruim [EMAIL PROTECTED]:



On Jan 22, 2008, at 3:57 PM, Jason Pruim wrote:


Hi everyone,

Been doing some reading on security and have decided that I should   
be storing my include files outside of the document root... Which I  
 understand how to do it, but what I'm wondering, is say I write  
the  Next Killer App (tm). How would I port that code easily off of  
my  server and put it into a downloadable file for the millions of   
people who will download and run  the Next Killer App (tm)?


Err... That doesn't make it very clear...  Is there a program for   
Macintosh or Unix that I could use to grab all the source code from  
 where ever I have it set? Or would I need to make my own? Or  
should  I just quit being lazy and grab it my self? :)



Yes I know I'm answering my own post... :)

Thanks for all the suggestions that I received! It's helped me figure
out some of the stuff, and now I just need a project to test some of
the stuff with!

Oh, and for an IDE I discovered that Apple XCode works very well as a
php editor and file management system. Looks like it will work
perfectly!

I do have 2 questions though...

#1.  When including files outside of the webroot do you need to specify
the entire path? Like for me, that would be something like:
/volumes/raider/webserver/includes/projectname/includeme.php or can I
just stop at: /webserver/includes/projectname/includeme.php?


It depends.
If you set your include_path to /webserver/includes (outside your webroot),
then you can include the files like include 'projectname/includeme.php';

If the files are not in your include_path you either need to provide
the full path, or set the include path in your application and go from
there.




#2. Anyone got any small programming jobs that I can hone my skills
with? :) You know, the kind of projects that you gurus don't want to
do because you're too busy writing the Next Killer App (tm) but would
be perfect learning experience/easy way to put some cash in the pocket?
:)



Can't help you with this one :)




Re: [PHP] including files outside of document root

2008-01-23 Thread Zoltán Németh
On Wednesday, 2008-01-23, at 09:37, Jason Pruim wrote:
 On Jan 22, 2008, at 3:57 PM, Jason Pruim wrote:
 
  Hi everyone,
 
  Been doing some reading on security and have decided that I should  
  be storing my include files outside of the document root... Which I  
  understand how to do it, but what I'm wondering, is say I write the  
  Next Killer App (tm). How would I port that code easily off of my  
  server and put it into a downloadable file for the millions of  
  people who will download and run  the Next Killer App (tm)?
 
  Err... That doesn't make it very clear...  Is there a program for  
  Macintosh or Unix that I could use to grab all the source code from  
  where ever I have it set? Or would I need to make my own? Or should  
  I just quit being lazy and grab it my self? :)
 
 
 Yes I know I'm answering my own post... :)
 
 Thanks for all the suggestions that I received! It's helped me figure  
 out some of the stuff, and now I just need a project to test some of  
 the stuff with!
 
 Oh, and for an IDE I discovered that Apple XCode works very well as a  
 php editor and file management system. Looks like it will work  
 perfectly!
 
 I do have 2 questions though...
 
 #1. When including files outside of the webroot do you need to
 specify the entire path? Like for me, that would be something like:
 /volumes/raider/webserver/includes/projectname/includeme.php or can I
 just stop at: /webserver/includes/projectname/includeme.php?

you need either full path, or put the directory in include_path in
php.ini

 
 #2.   Anyone got any small programming jobs that I can hone my skills
 with? :) You know, the kind of projects that you gurus don't want to
 do because you're too busy writing the Next Killer App (tm) but would
 be perfect learning experience/easy way to put some cash in the
 pocket? :)

as soon as I will have any jobs like that I'll email you :)

greets
Zoltán Németh

 
 
 --
 
 Jason Pruim
 Raoset Inc.
 Technology Manager
 MQC Specialist
 3251 132nd ave
 Holland, MI, 49424
 www.raoset.com
 [EMAIL PROTECTED]
 




Re: [PHP] including files outside of document root

2008-01-23 Thread Daniel Brown
On Jan 22, 2008 8:48 PM, Richard Lynch [EMAIL PROTECTED] wrote:
 On Tue, January 22, 2008 7:17 pm, Daniel Brown wrote:
  You may disagree with me on this here, Rich, but the way I do it
  is to have a single include_files.php file containing all of the files
  that need to be included as a whole, and a single configuration
  variable to set where those files are located.  I know that they don't
  all have to be included in that file, but I find it makes it easier,
  since I use all of them with every page load.

 Can I put that include_files.php outside the web-tree as well?

 Or is the rest of your application bypassing include_path to force it
 to be inside the web-tree?

Yes, the include_files.php file can be put anywhere.  I leave it
in the web tree, but it certainly doesn't have to be kept there.

  I also employ a function safe_include($filename) that uses a
  combination of file_exists($filename), is_file($filename), and
  is_readable($filename).  If the function fails, no PHP error message
  is output if the file can't be found, and the script doesn't
  necessarily halt.  If it's a critical file, instead a message is
  dispatched to my email, and a friendly message is placed on the site
  informing the user that a technical error has been encountered and
  will be repaired ASAP.

 This sounds nifty for your own clients, but I don't think it would
 work well for, say, BB or Cake or phpMyAdmin...

No, that's for proprietary, single-production systems, and the
systems won't be reused.

 I'm pretty sure the authors of those don't want an email from every
 broken install... :-)

You got that damn straight!  ;-)

-- 
/Dan

Daniel P. Brown
Senior Unix Geek and #1 Rated Year's Coolest Guy By Self Since
Nineteen-Seventy-[mumble].




Re: [PHP] including files outside of document root

2008-01-23 Thread Richard Lynch
On Wed, January 23, 2008 8:37 am, Jason Pruim wrote:

 On Jan 22, 2008, at 3:57 PM, Jason Pruim wrote:

 Hi everyone,

 #1. When including files outside of the webroot do you need to
 specify the entire path? Like for me, that would be something like:
 /volumes/raider/webserver/includes/projectname/includeme.php or can I
 just stop at: /webserver/includes/projectname/includeme.php?

Neither. :-)

Figure out how PHP's include_path feature works and use that.
http://php.net/set_include_path

You should use set_include_path to define what directory[ies] PHP
should search, and then just do:
include 'includeme.php';


 #2.   Anyone got any small programming jobs that I can hone my skills
 with? :) You know, the kind of projects that you gurus don't want to
 do because you're too busy writing the Next Killer App (tm) but would
 be perfect learning experience/easy way to put some cash in the
 pocket? :)

Non-profits/Charities often have programming needs not being met by
traditional (costly) developers.

They may have SOME cash, but not a lot.

And there's always somebody wanting yet another shopping cart
store-front installation...

-- 
Some people have a gift link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/from/lynch
Yeah, I get a buck. So?




Re: [PHP] including files outside of document root

2008-01-23 Thread Roberto Mansfield
Jason Pruim wrote:
 
 Been doing some reading on security and have decided that I should be
 storing my include files outside of the document root... Which I
 understand how to do it, but what I'm wondering, is say I write the
 Next Killer App (tm). How would I port that code easily off of my
 server and put it into a downloadable file for the millions of people
 who will download and run  the Next Killer App (tm)?

I tend to keep the directories in the document root, but I deny access
via an .htaccess file. This keeps the code in a simple directory
structure. Anyone else doing that?

-Roberto




Re: [PHP] including files outside of document root

2008-01-23 Thread Jason Pruim


On Jan 23, 2008, at 2:50 PM, Roberto Mansfield wrote:


Jason Pruim wrote:


Been doing some reading on security and have decided that I should be
storing my include files outside of the document root... Which I
understand how to do it, but what I'm wondering, is say I write the
Next Killer App (tm). How would I port that code easily off of my
server and put it into a downloadable file for the millions of people
who will download and run  the Next Killer App (tm)?


I tend to keep the directories in the document root, but I deny access
via an .htaccess file. This keeps the code in a simple directory
structure. Anyone else doing that?

-Roberto



I used to just throw everything in the same directory, include files,  
config files, pictures, css, html, php etc. etc. etc...


When I made my decision to put the includes outside of the webroot it
was because of an article I read by Chris Shiflett[1] that said
basically that this way of including files was safer than using
a .htaccess file to block access to it.


that's why I made my decision. Not to say it's the right one, just a  
step in the right direction. To me it also seems more portable across  
hosts to have access outside of your webroot vs. access to .htaccess  
files. But I could be wrong, I have been lucky enough to always have a  
company server with php at my full control so I could use what ever I  
needed when I needed it.





[1]http://shiflett.org/articles/secure-design


--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424
www.raoset.com
[EMAIL PROTECTED]




Re: [PHP] including files outside of document root

2008-01-23 Thread Daniel Brown
On Jan 23, 2008 2:50 PM, Roberto Mansfield [EMAIL PROTECTED] wrote:
 I tend to keep the directories in the document root, but I deny access
 via an .htaccess file. This keeps the code in a simple directory
 structure. Anyone else doing that?

My fear on that is if there's changes to the server.  Say, for
example, someone takes over my job (which will happen someday, one way
or another), and they are charged with upgrading services on the
server.  While doing Apache, they accidentally (for argument's sake)
forget to properly configure the AllowOverrides and AddHandler/AddType
directives.  Now .htaccess isn't read and doesn't bar access to the
directory, and the files have full source disclosure - including any
database login credentials, et cetera.

This is what we like to call a Bad Thing[tm].

-- 
/Dan

Daniel P. Brown
Senior Unix Geek and #1 Rated Year's Coolest Guy By Self Since
Nineteen-Seventy-[mumble].




Re: [PHP] including files outside of document root

2008-01-23 Thread Roberto Mansfield
Daniel Brown wrote:
 On Jan 23, 2008 2:50 PM, Roberto Mansfield [EMAIL PROTECTED] wrote:
 I tend to keep the directories in the document root, but I deny access
 via an .htaccess file. This keeps the code in a simple directory
 structure. Anyone else doing that?
 
 My fear on that is if there's changes to the server.  Say, for
 example, someone takes over my job (which will happen someday, one way
 or another), and they are charged with upgrading services on the
 server.  While doing Apache, they accidentally (for argument's sake)
 forget to properly configure the AllowOverrides and AddHandler/AddType
 directives.  Now .htaccess isn't read and doesn't bar access to the
 directory, and the files have full source disclosure - including any
 database login credentials, et cetera.
 
 This is what we like to call a Bad Thing[tm].
 

Ahh, an excellent point.




Re: [PHP] including files outside of document root

2008-01-23 Thread Daniel Brown
On Jan 23, 2008 2:56 PM, Jason Pruim [EMAIL PROTECTED] wrote:
 that's why I made my decision. Not to say it's the right one, just a
 step in the right direction. To me it also seems more portable across
 hosts to have access outside of your webroot vs. access to .htaccess

It's far more portable, because every HTTP server out there knows
how to handle paths, but only Apache knows how to handle an .htaccess
file.  So you can forget being able to use that same code on IIS,
tinyhttpd, Boa, AnalogX SimpleServer:WWW (an old favorite!), et
cetera.  If it only works with one specific HTTP server, that's a
serious limit.

-- 
/Dan

Daniel P. Brown
Senior Unix Geek and #1 Rated Year's Coolest Guy By Self Since
Nineteen-Seventy-[mumble].




Re: [PHP] including files outside of document root

2008-01-23 Thread Jason Pruim


On Jan 23, 2008, at 3:04 PM, Daniel Brown wrote:


On Jan 23, 2008 2:56 PM, Jason Pruim [EMAIL PROTECTED] wrote:

that's why I made my decision. Not to say it's the right one, just a
step in the right direction. To me it also seems more portable across
hosts to have access outside of your webroot vs. access to .htaccess


   It's far more portable, because every HTTP server out there knows
how to handle paths, but only Apache knows how to handle an .htaccess
file.  So you can forget being able to use that same code on IIS,
tinyhttpd, Boa, AnalogX SimpleServer:WWW (an old favorite!), et
cetera.  If it only works with one specific HTTP server, that's a
serious limit.



I didn't realize that... That's good info. I always hear people  
talking about .htaccess files on all the different lists I'm on so I  
thought it was an industry standard thing :)


Now I can shut my brain down because I learned my 1 new thing for today!

m Beer

--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424
www.raoset.com
[EMAIL PROTECTED]




Re: [PHP] including files outside of document root

2008-01-23 Thread Daniel Brown
On Jan 23, 2008 3:28 PM, Jason Pruim [EMAIL PROTECTED] wrote:
 I didn't realize that... That's good info. I always hear people
 talking about .htaccess files on all the different lists I'm on so I
 thought it was an industry standard thing :)

 Now I can shut my brain down because I learned my 1 new thing for today!

Learn more:
http://en.wikipedia.org/wiki/.htaccess

-- 
/Dan

Daniel P. Brown
Senior Unix Geek and #1 Rated Year's Coolest Guy By Self Since
Nineteen-Seventy-[mumble].




Re: [PHP] including files outside of document root

2008-01-23 Thread Jason Pruim


On Jan 23, 2008, at 2:42 PM, Richard Lynch wrote:


On Wed, January 23, 2008 8:37 am, Jason Pruim wrote:


On Jan 22, 2008, at 3:57 PM, Jason Pruim wrote:


Hi everyone,


#1.  When including files outside of the webroot do you need to
specify the entire path? Like for me, that would be something like:
/volumes/raider/webserver/includes/projectname/includeme.php or can I
just stop at: /webserver/includes/projectname/includeme.php?


Neither. :-)

Figure out how PHP's include_path feature works and use that.
http://php.net/set_include_path

You should use set_include_path to define what directory[ies] PHP
should search, and then just do:
include 'includeme.php';


Okay, so I have this mostly working now! if I put my
ini_set('include_path', 'blah/to/balh'); on each and every page. I
know I could include a file that is in the document root which
specified that, but I was wondering if I was missing something?
Obviously other than changing the php.ini file?




--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424
www.raoset.com
[EMAIL PROTECTED]




Re: [PHP] including files outside of document root

2008-01-23 Thread Daniel Brown
On Jan 23, 2008 4:19 PM, Jason Pruim [EMAIL PROTECTED] wrote:
 Okay, so I have this mostly working now! if I put my
 ini_set('include_path', 'blah/to/balh'); on each and every page. I
 know I could include a file that is in the document root which
 specified that, but I was wondering if I was missing something?
 Obviously other than changing the php.ini file?

You do know you can set overrides for PHP in .htaccess, or even
have a whole php.ini file in the directory in which you're working,
right?

You can either set `php_value include_path path/to/blah` in
.htaccess (without the backticks, of course), or you can place a
php.ini file in the same directory as the files to override the values
(if they're INI_PERDIR or similar, anyway).

-- 
/Dan

Daniel P. Brown
Senior Unix Geek and #1 Rated Year's Coolest Guy By Self Since
Nineteen-Seventy-[mumble].




Re: [PHP] including files outside of document root

2008-01-23 Thread Richard Lynch
On Wed, January 23, 2008 1:50 pm, Roberto Mansfield wrote:
 Jason Pruim wrote:

 Been doing some reading on security and have decided that I should
 be
 storing my include files outside of the document root... Which I
 understand how to do it, but what I'm wondering, is say I write the
 Next Killer App (tm). How would I port that code easily off of my
 server and put it into a downloadable file for the millions of
 people
 who will download and run  the Next Killer App (tm)?

 I tend to keep the directories in the document root, but I deny access
 via an .htaccess file. This keeps the code in a simple directory
 structure. Anyone else doing that?

I used to do that.

Then I had to move the site one day.

Simple enough...

tar -cvf moving.tar httpdocs
gzip moving.tar

Copy the file over, and untar it:

tar -xzvf moving.tar.gz

Should be all good to go, right?

Wrong!

tar didn't snag all the .htaccess files.

For a brief moment in time my source code was exposed.

And the admin had no password protection.

And the images being generated by PHP|GD didn't work.

And...

I found and fixed it easily enough, but it would have gone undetected
for a long time if I hadn't had the other issues.

So I don't do that anymore, and I put the .inc files outside the web
tree.

ymmv

-- 
Some people have a gift link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/from/lynch
Yeah, I get a buck. So?
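
The exposure described in the message above went unnoticed because nothing checked the deployed tree after the move. As an added example (not code from the thread; `audit_docroot()`, its extension list and the temporary directory tree are assumptions made for illustration), a post-deploy audit in PHP that flags include or config files sitting inside the document root and protected directories that have lost their .htaccess:

```php
<?php
// Added example, not code from the thread. audit_docroot(), the extension
// list and the temporary tree below are assumptions for illustration.

/**
 * Report files under the document root that rely on .htaccess (or other
 * server configuration) to stay private, and directories that are meant to
 * be protected but have no .htaccess file.
 */
function audit_docroot($docroot, array $protectedDirs = array())
{
    // Extensions an HTTP server normally sends as plain text or a download
    // because no PHP handler is mapped to them.
    $riskyExt = array('inc', 'ini', 'sql', 'bak', 'conf');
    $findings = array();

    // SKIP_DOTS only drops "." and ".."; dotfiles such as .htaccess are kept.
    $walker = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($docroot, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($walker as $file) {
        if ($file->isFile()
            && in_array(strtolower($file->getExtension()), $riskyExt, true)) {
            $findings[] = 'source or config inside document root: '
                . $file->getPathname();
        }
    }

    // Directories whose privacy depends on a per-directory override.
    foreach ($protectedDirs as $dir) {
        if (!is_file($docroot . '/' . $dir . '/.htaccess')) {
            $findings[] = 'no .htaccess in protected directory: ' . $dir;
        }
    }
    return $findings;
}

// Constructed tree standing in for a site just unpacked from a tarball:
// includes/ lost its .htaccess in the move, admin/ kept it.
$docroot = sys_get_temp_dir() . '/audit_demo_' . getmypid() . '/httpdocs';
mkdir($docroot . '/includes', 0700, true);
mkdir($docroot . '/admin', 0700, true);
file_put_contents($docroot . '/index.php', '<?php echo "home";');
file_put_contents($docroot . '/includes/connect.inc',
    '<?php /* constructed: database credentials would live here */');
file_put_contents($docroot . '/admin/.htaccess', "Require all denied\n");

$findings = audit_docroot($docroot, array('includes', 'admin'));
foreach ($findings as $line) {
    echo $line, "\n";
}

// A non-zero exit status lets a deploy script stop on any finding.
exit(count($findings) > 0 ? 1 : 0);
```

A present .htaccess does not show that the server honours it, so a file-system check like this complements, and does not replace, requesting a known include file over HTTP and confirming it is refused.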




Re: [PHP] including files outside of document root

2008-01-23 Thread Richard Lynch
On Wed, January 23, 2008 3:19 pm, Jason Pruim wrote:
 Okay, so I have this mostly working now! if I put my
 ini_set('include_path', 'blah/to/balh'); on each and every page. I
 know I could include a file that is in the document root which
 specified that, but I was wondering if I was missing something?
 Obviously other than changing the php.ini file?

Change php.ini or use .htaccess (if you use Apache) or have ONE include
file in the webtree that does this and include that.

-- 
Some people have a gift link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/from/lynch
Yeah, I get a buck. So?




Re: [PHP] including files outside of document root

2008-01-22 Thread Daniel Brown
On Jan 22, 2008 3:57 PM, Jason Pruim [EMAIL PROTECTED] wrote:
 Hi everyone,

Hi, Jason!

 Been doing some reading on security and have decided that I should be
 storing my include files outside of the document root... Which I
 understand how to do it, but what I'm wondering, is say I write the
 Next Killer App (tm). How would I port that code easily off of my
 server and put it into a downloadable file for the millions of people
 who will download and run  the Next Killer App (tm)?

Absolutely.  It's called a README file.  Lots of well-designed
applications keep the includes out of the web root, as they should.
They're just included in a directory in the tarball, zip file, or
whatever is being used to package and distribute the code, with
installation instructions in the README or INSTALL file (or a similar
counterpart).

 Err... That doesn't make it very clear...

Yes it did.  Leave it alone, it'll grow.

 Is there a program for
 Macintosh or Unix that I could use to grab all the source code from
 where ever I have it set? Or would I need to make my own? Or should I
 just quit being lazy and grab it my self? :)

There's always SVN and CVS for file structure and system
architecture, but a zip file or tarball would suffice.  And you
certainly don't want them downloading the files from the actual
location on your server, since that defeats the purpose of placing
them outside of the web root.

Just one example of this is how WHM AutoPilot handles the
situation.  There's a database directory named mib_data that is
included in the zip file with all of the web files.  The
README/INSTALL document tells you to place that folder outside of the
web root (for example, if on a cPanel or same-structure server, make
it ~/mib_data/).  Very easy to understand and deploy.

-- 
/Dan

Daniel P. Brown
Senior Unix Geek and #1 Rated Year's Coolest Guy By Self Since
Nineteen-Seventy-[mumble].




Re: [PHP] including files outside of document root

2008-01-22 Thread shiplu
On Jan 22, 2008 4:21 PM, Daniel Brown [EMAIL PROTECTED] wrote:

 On Jan 22, 2008 3:57 PM, Jason Pruim [EMAIL PROTECTED] wrote:
  Hi everyone,

Hi, Jason!

  Been doing some reading on security and have decided that I should be
  storing my include files outside of the document root... Which I
  understand how to do it, but what I'm wondering, is say I write the
  Next Killer App (tm). How would I port that code easily off of my
  server and put it into a downloadable file for the millions of people
  who will download and run  the Next Killer App (tm)?

Absolutely.  It's called a README file.  Lots of well-designed
 applications keep the includes out of the web root, as they should.
 They're just included in a directory in the tarball, zip file, or
 whatever is being used to package and distribute the code, with
 installation instructions in the README or INSTALL file (or a similar
 counterpart).

  Err... That doesn't make it very clear...

Yes it did.  Leave it alone, it'll grow.

  Is there a program for
  Macintosh or Unix that I could use to grab all the source code from
  where ever I have it set? Or would I need to make my own? Or should I
  just quit being lazy and grab it my self? :)

There's always SVN and CVS for file structure and system
 architecture, but a zip file or tarball would suffice.  And you
 certainly don't want them downloading the files from the actual
 location on your server, since that defeats the purpose of placing
 them outside of the web root.

Just one example of this is how WHM AutoPilot handles the
 situation.  There's a database directory named mib_data that is
 included in the zip file with all of the web files.  The
 README/INSTALL document tells you to place that folder outside of the
 web root (for example, if on a cPanel or same-structure server, make
 it ~/mib_data/).  Very easy to understand and deploy.

 --
 /Dan

 Daniel P. Brown
 Senior Unix Geek and #1 Rated Year's Coolest Guy By Self Since
 Nineteen-Seventy-[mumble].

 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php


I use Zend Studio. When a php file includes another file zend automatically
includes that file in my current project.
This is a nice feature.

-- 
shout at http://me.cmyweb.net/
comment on http://talk.cmyweb.net/
All time available for Hire/Contract/Full Time :)


Re: [PHP] including files outside of document root

2008-01-22 Thread Richard Lynch
On MOST setups, you might have:

/yourhomedirectory
/httpd_docs_or_something_like_that
/index.php
/page2.php
/includes
/globals.inc
/connect.inc
/sql

So, pretty much, you'd do something like:

tar -cvf my_site.tar http_docs includes
gzip my_site.tar

And then you'd just install that wherever...

Nothing peeves me more than some badly-conceived web-app with no way
to move the include files out of the web-tree.

On Tue, January 22, 2008 2:57 pm, Jason Pruim wrote:
 Hi everyone,

 Been doing some reading on security and have decided that I should be
 storing my include files outside of the document root... Which I
 understand how to do it, but what I'm wondering, is say I write the
 Next Killer App (tm). How would I port that code easily off of my
 server and put it into a downloadable file for the millions of people
 who will download and run  the Next Killer App (tm)?

 Err... That doesn't make it very clear...  Is there a program for
 Macintosh or Unix that I could use to grab all the source code from
 where ever I have it set? Or would I need to make my own? Or should I
 just quit being lazy and grab it my self? :)


 --

 Jason Pruim
 Raoset Inc.
 Technology Manager
 MQC Specialist
 3251 132nd ave
 Holland, MI, 49424
 www.raoset.com
 [EMAIL PROTECTED]

 --
 PHP General Mailing List (http://www.php.net/)
 To unsubscribe, visit: http://www.php.net/unsub.php




-- 
Some people have a gift link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/from/lynch
Yeah, I get a buck. So?




Re: [PHP] including files outside of document root

2008-01-22 Thread Daniel Brown
On Jan 22, 2008 8:09 PM, Richard Lynch [EMAIL PROTECTED] wrote:
 Nothing peeves me more than some badly-conceived web-app with no way
 to move the include files out of the web-tree.

You may disagree with me on this here, Rich, but the way I do it
is to have a single include_files.php file containing all of the files
that need to be included as a whole, and a single configuration
variable to set where those files are located.  I know that they don't
all have to be included in that file, but I find it makes it easier,
since I use all of them with every page load.

I also employ a function safe_include($filename) that uses a
combination of file_exists($filename), is_file($filename), and
is_readable($filename).  If the function fails, no PHP error message
is output if the file can't be found, and the script doesn't
necessarily halt.  If it's a critical file, instead a message is
dispatched to my email, and a friendly message is placed on the site
informing the user that a technical error has been encountered and
will be repaired ASAP.

-- 
/Dan

Daniel P. Brown
Senior Unix Geek and #1 Rated Year's Coolest Guy By Self Since
Nineteen-Seventy-[mumble].
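
As an added example (not code from the thread or from any poster's application), the sketch below combines the set_include_path() advice given elsewhere in this thread with a safe_include() built from the three checks named in the message above. The temporary directory layout, `ADMIN_EMAIL`, the function body and the realpath() containment test are assumptions made for illustration; globals.inc is a constructed sample file.

```php
<?php
// Added example, not code from the thread. The temporary layout, ADMIN_EMAIL
// and the body of safe_include() are assumptions for illustration.

// Constructed layout so the script runs from the CLI:
//   $root/public_html  document root, the only tree the HTTP server serves
//   $root/includes     include files, outside the document root
$root = sys_get_temp_dir() . '/include_demo_' . getmypid();
mkdir($root . '/public_html', 0700, true);
mkdir($root . '/includes', 0700, true);
file_put_contents($root . '/public_html/index.php', '<?php echo "home";');
file_put_contents($root . '/includes/globals.inc',
    '<?php $GLOBALS["site_name"] = "demo";');

// The single configuration value: where the include files live. In a real
// install this is the one line the README asks the administrator to edit.
define('APP_INCLUDE_DIR', $root . '/includes');
define('ADMIN_EMAIL', 'admin@example.com'); // placeholder address

// Put that directory first on include_path, keeping the existing entries,
// so a plain include 'globals.inc'; works from any page.
set_include_path(APP_INCLUDE_DIR . PATH_SEPARATOR . get_include_path());

/**
 * Include a file from APP_INCLUDE_DIR without emitting a PHP error when it
 * is missing. Returns true on success, false on a non-critical failure.
 * The file is included in function scope, so it has to publish its values
 * through functions, constants or $GLOBALS.
 */
function safe_include($filename, $critical = false)
{
    $base = realpath(APP_INCLUDE_DIR);
    $path = ($base === false)
        ? false
        : realpath($base . DIRECTORY_SEPARATOR . $filename);

    // realpath() collapses "../" segments and symlinks; the prefix test then
    // rejects anything that resolves outside the include directory.
    $inside = $path !== false
        && strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) === 0;

    if ($inside && file_exists($path) && is_file($path) && is_readable($path)) {
        include_once $path;
        return true;
    }

    // Log on the server only; the path is never shown to the visitor.
    error_log('safe_include: cannot load ' . $filename);

    if ($critical) {
        mail(ADMIN_EMAIL, 'Critical include missing', 'Could not load: ' . $filename);
        if (PHP_SAPI !== 'cli') {
            http_response_code(503);
        }
        echo "A technical error has been encountered and will be repaired as soon as possible.\n";
        exit(1);
    }
    return false;
}

var_dump(safe_include('globals.inc'));              // file present in the include directory
var_dump($GLOBALS['site_name']);                    // value published by globals.inc
var_dump(safe_include('missing.inc'));              // missing file, non-critical
var_dump(safe_include('../public_html/index.php')); // exists, but outside the include directory

// Remove the constructed demo tree.
unlink($root . '/includes/globals.inc');
unlink($root . '/public_html/index.php');
rmdir($root . '/includes');
rmdir($root . '/public_html');
rmdir($root);
```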




Re: [PHP] including files outside of document root

2008-01-22 Thread Richard Lynch


On Tue, January 22, 2008 7:17 pm, Daniel Brown wrote:
 On Jan 22, 2008 8:09 PM, Richard Lynch [EMAIL PROTECTED] wrote:
 Nothing peeves me more than some badly-conceived web-app with no way
 to move the include files out of the web-tree.

 You may disagree with me on this here, Rich, but the way I do it
 is to have a single include_files.php file containing all of the files
 that need to be included as a whole, and a single configuration
 variable to set where those files are located.  I know that they don't
 all have to be included in that file, but I find it makes it easier,
 since I use all of them with every page load.

Can I put that include_files.php outside the web-tree as well?

Or is the rest of your application bypassing include_path to force it
to be inside the web-tree?

 I also employ a function safe_include($filename) that uses a
 combination of file_exists($filename), is_file($filename), and
 is_readable($filename).  If the function fails, no PHP error message
 is output if the file can't be found, and the script doesn't
 necessarily halt.  If it's a critical file, instead a message is
 dispatched to my email, and a friendly message is placed on the site
 informing the user that a technical error has been encountered and
 will be repaired ASAP.

This sounds nifty for your own clients, but I don't think it would
work well for, say, BB or Cake or phpMyAdmin...

I'm pretty sure the authors of those don't want an email from every
broken install... :-)

-- 
Some people have a gift link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/from/lynch
Yeah, I get a buck. So?
