Re: [PHP] Including files on NFS mount slow with APC enabled
I now notice that when I replace include_once with include the open()
call disappears. That's very nice, but why does include_once need to
open the file, even when apc.include_once_override is enabled? Is this a
bug?
On 08/16/2010 03:21 PM, Mark Hunting wrote:
> I am struggling with the performance of some websites that use a lot of
> includes (using include_once). The files are on a NFS mount (NFSv4), and
> I use APC to speed things up. APC has enough memory, and I see all
> included files are in the APC cache. apc.include_once_override is
> enabled. This is on a Ubuntu Linux 10.04 server.
>
> What surprises me is that using strace I see apache open()ing all
> included files. I would think this is not necessary as APC has these
> files in its cache. Opening a file takes 1-3 ms, the websites include
> 100-200 files, so this costs about half a second for each request. I
> tried a lot to prevent this but my options are exhausted. Is it normal
> that all these files are open()ed each time, and if so how can I speed
> up these includes?
>
> Part of the trace is below, look especially at the first line where 2ms
> are lost while this file is in the APC cache:
>
> open("/[removed]/library/Zend/Application.php", O_RDONLY) = 1440 <0.002035>
> fstat(1440, {st_mode=S_IFREG|0755, st_size=11365, ...}) = 0 <0.000137>
> fstat(1440, {st_mode=S_IFREG|0755, st_size=11365, ...}) = 0 <0.000124>
> fstat(1440, {st_mode=S_IFREG|0755, st_size=11365, ...}) = 0 <0.000133>
> mmap(NULL, 11365, PROT_READ, MAP_SHARED, 1440, 0) = 0x7faf3f068000
> <0.000395>
> stat("/[removed]/library/Zend/Application.php", {st_mode=S_IFREG|0755,
> st_size=11365, ...}) = 0 <0.000219>
> munmap(0x7faf3f068000, 11365) = 0 <0.000151>
> close(1440) = 0 <0.000845>
>
> Thanks,
> Mark
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Including files on NFS mount slow with APC enabled
Thanks for your answer. I have tested this option before, and it indeed
disables the stat() operation. However, it doesn't disable the open()
operation, which is about 10x slower than the stat() call (see my
example trace).
On 08/16/2010 07:21 PM, Jonathan Tapicer wrote:
> Hi,
>
> APC checks by default if every included file was modified doing a stat
> call. You can disable it, setting apc.stat to 0
> (http://www.php.net/manual/en/apc.configuration.php#ini.apc.stat). Try
> if that improves the performance. Of course, you should manually
> delete the APC opcode cache every time you modify a PHP file, since
> APC won't detect that it was modified.
>
> Regards,
>
> Jonathan
>
> On Mon, Aug 16, 2010 at 10:21 AM, Mark Hunting wrote:
>
>> I am struggling with the performance of some websites that use a lot of
>> includes (using include_once). The files are on a NFS mount (NFSv4), and
>> I use APC to speed things up. APC has enough memory, and I see all
>> included files are in the APC cache. apc.include_once_override is
>> enabled. This is on a Ubuntu Linux 10.04 server.
>>
>> What surprises me is that using strace I see apache open()ing all
>> included files. I would think this is not necessary as APC has these
>> files in its cache. Opening a file takes 1-3 ms, the websites include
>> 100-200 files, so this costs about half a second for each request. I
>> tried a lot to prevent this but my options are exhausted. Is it normal
>> that all these files are open()ed each time, and if so how can I speed
>> up these includes?
>>
>> Part of the trace is below, look especially at the first line where 2ms
>> are lost while this file is in the APC cache:
>>
>> open("/[removed]/library/Zend/Application.php", O_RDONLY) = 1440 <0.002035>
>> fstat(1440, {st_mode=S_IFREG|0755, st_size=11365, ...}) = 0 <0.000137>
>> fstat(1440, {st_mode=S_IFREG|0755, st_size=11365, ...}) = 0 <0.000124>
>> fstat(1440, {st_mode=S_IFREG|0755, st_size=11365, ...}) = 0 <0.000133>
>> mmap(NULL, 11365, PROT_READ, MAP_SHARED, 1440, 0) = 0x7faf3f068000
>> <0.000395>
>> stat("/[removed]/library/Zend/Application.php", {st_mode=S_IFREG|0755,
>> st_size=11365, ...}) = 0 <0.000219>
>> munmap(0x7faf3f068000, 11365) = 0 <0.000151>
>> close(1440) = 0 <0.000845>
>>
>> Thanks,
>> Mark
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Including files on NFS mount slow with APC enabled
Hi,
APC checks by default if every included file was modified doing a stat
call. You can disable it, setting apc.stat to 0
(http://www.php.net/manual/en/apc.configuration.php#ini.apc.stat). Try
if that improves the performance. Of course, you should manually
delete the APC opcode cache every time you modify a PHP file, since
APC won't detect that it was modified.
Regards,
Jonathan
On Mon, Aug 16, 2010 at 10:21 AM, Mark Hunting wrote:
> I am struggling with the performance of some websites that use a lot of
> includes (using include_once). The files are on a NFS mount (NFSv4), and
> I use APC to speed things up. APC has enough memory, and I see all
> included files are in the APC cache. apc.include_once_override is
> enabled. This is on a Ubuntu Linux 10.04 server.
>
> What surprises me is that using strace I see apache open()ing all
> included files. I would think this is not necessary as APC has these
> files in its cache. Opening a file takes 1-3 ms, the websites include
> 100-200 files, so this costs about half a second for each request. I
> tried a lot to prevent this but my options are exhausted. Is it normal
> that all these files are open()ed each time, and if so how can I speed
> up these includes?
>
> Part of the trace is below, look especially at the first line where 2ms
> are lost while this file is in the APC cache:
>
> open("/[removed]/library/Zend/Application.php", O_RDONLY) = 1440 <0.002035>
> fstat(1440, {st_mode=S_IFREG|0755, st_size=11365, ...}) = 0 <0.000137>
> fstat(1440, {st_mode=S_IFREG|0755, st_size=11365, ...}) = 0 <0.000124>
> fstat(1440, {st_mode=S_IFREG|0755, st_size=11365, ...}) = 0 <0.000133>
> mmap(NULL, 11365, PROT_READ, MAP_SHARED, 1440, 0) = 0x7faf3f068000
> <0.000395>
> stat("/[removed]/library/Zend/Application.php", {st_mode=S_IFREG|0755,
> st_size=11365, ...}) = 0 <0.000219>
> munmap(0x7faf3f068000, 11365) = 0 <0.000151>
> close(1440) = 0 <0.000845>
>
> Thanks,
> Mark
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Including files on NFS mount slow with APC enabled
I am struggling with the performance of some websites that use a lot of
includes (using include_once). The files are on a NFS mount (NFSv4), and
I use APC to speed things up. APC has enough memory, and I see all
included files are in the APC cache. apc.include_once_override is
enabled. This is on a Ubuntu Linux 10.04 server.
What surprises me is that using strace I see apache open()ing all
included files. I would think this is not necessary as APC has these
files in its cache. Opening a file takes 1-3 ms, the websites include
100-200 files, so this costs about half a second for each request. I
tried a lot to prevent this but my options are exhausted. Is it normal
that all these files are open()ed each time, and if so how can I speed
up these includes?
Part of the trace is below, look especially at the first line where 2ms
are lost while this file is in the APC cache:
open("/[removed]/library/Zend/Application.php", O_RDONLY) = 1440 <0.002035>
fstat(1440, {st_mode=S_IFREG|0755, st_size=11365, ...}) = 0 <0.000137>
fstat(1440, {st_mode=S_IFREG|0755, st_size=11365, ...}) = 0 <0.000124>
fstat(1440, {st_mode=S_IFREG|0755, st_size=11365, ...}) = 0 <0.000133>
mmap(NULL, 11365, PROT_READ, MAP_SHARED, 1440, 0) = 0x7faf3f068000
<0.000395>
stat("/[removed]/library/Zend/Application.php", {st_mode=S_IFREG|0755,
st_size=11365, ...}) = 0 <0.000219>
munmap(0x7faf3f068000, 11365) = 0 <0.000151>
close(1440) = 0 <0.000845>
Thanks,
Mark
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Including files for templates
On Sun, Mar 23, 2008 at 7:32 AM, Terry Burns-Dyson <[EMAIL PROTECTED]> wrote: > I'm trying to write a template system, my template is the HTML layout, and > my content is fetched from another source. However I don't quite understand > how to output the template so that all the variables are parsed by PHP. > Simple version of what I'm trying to do; > > ob_start( ); > > extract( $params, EXTR_PREFIX_SAME, "am_"); > > $pageContent = file_get_contents( "page_to_display.html"); > > include( "template.html"); > > echo ob_get_clean( ); > > > $pageTitle is in the template, it's replaced, $pageContent is in the > template, it's replaced. But any variables within the page_to_display are > simply output into the page rather than processed by PHP. I realise that > file_get_contents is basically returning a string and I"m just doing string > replacement when I include the template.html, so my only question is, what's > the actual way of doing this? > > Thanks > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > I used to use this extract/include methodology before I really thought about the performance aspect of it. I would create a template object that could have variables injected into it and then tell it to render(). The render process would extract everything in the data array & include a template file. After I found out about xdebug I stopped doing this. Now my approach is more in line of the Zend_View[1] template engine. Just a generic class to define the path to the template, a way to put variables into it, and a render function. The big difference this time is that instead of extract I just use $this-> inside the template. [1] http://framework.zend.com/manual/en/zend.view.html -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Including files for templates
On Mar 23, 2008, at 12:10 PM, Daniel Brown wrote:
On Sun, Mar 23, 2008 at 6:32 AM, Terry Burns-Dyson
<[EMAIL PROTECTED]> wrote:
[snip!]
$pageTitle is in the template, it's replaced, $pageContent is in the
template, it's replaced. But any variables within the
page_to_display are
simply output into the page rather than processed by PHP. I
realise that
file_get_contents is basically returning a string and I"m just
doing string
replacement when I include the template.html, so my only question
is, what's
the actual way of doing this?
The simples way would be like so:
http://www.other-website.tld";;
?>
1) {
switch($_GET['s']) {
case "page1":
$section = $_GET['s'];
break;
case "contact":
$section = $_GET['s'];
break;
case "about":
// We'll pretend the page name was changed here.
$section = "about_us";
break;
default:
$section = "home";
break;
}
} else {
$section = "home";
}
include('content/'.$section.'.php');
include('templates/header.php');
include('templates/'.$section.'.php');
include('templates/footer.php');
/* This means that the content file with the
variables is parsed first, and defines the
variables within the scope of this execution.
It's included before the header.php file so
that the $page_title variable is defined. */
?>
Everything herein was typed directly into this email and is
untested, so it's by no means guaranteed to work, has not been
properly sanitized or tested, and is for informational purposes only,
to get you started in the right direction.
Here is another way (same disclaimer as above):
$replaceMe1,
'REPLACE_ME_2' => $replaceMe2,
'REPLACE_ME_3' => $replaceMe3,
'REPLACE_ME_4' => $replaceMe4,
);
$template = file_get_contents ('templates/somePage.tpl.php');
$somePage = str_replace (array_keys($replace), array_values($replace),
$template);
?>
Contents of some page
Happy coding!
~Philip
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Including files for templates
On Sun, Mar 23, 2008 at 6:32 AM, Terry Burns-Dyson
<[EMAIL PROTECTED]> wrote:
[snip!]
> $pageTitle is in the template, it's replaced, $pageContent is in the
> template, it's replaced. But any variables within the page_to_display are
> simply output into the page rather than processed by PHP. I realise that
> file_get_contents is basically returning a string and I"m just doing string
> replacement when I include the template.html, so my only question is, what's
> the actual way of doing this?
The simples way would be like so:
http://www.other-website.tld";;
?>
1) {
switch($_GET['s']) {
case "page1":
$section = $_GET['s'];
break;
case "contact":
$section = $_GET['s'];
break;
case "about":
// We'll pretend the page name was changed here.
$section = "about_us";
break;
default:
$section = "home";
break;
}
} else {
$section = "home";
}
include('content/'.$section.'.php');
include('templates/header.php');
include('templates/'.$section.'.php');
include('templates/footer.php');
/* This means that the content file with the
variables is parsed first, and defines the
variables within the scope of this execution.
It's included before the header.php file so
that the $page_title variable is defined. */
?>
Everything herein was typed directly into this email and is
untested, so it's by no means guaranteed to work, has not been
properly sanitized or tested, and is for informational purposes only,
to get you started in the right direction.
--
Forensic Services, Senior Unix Engineer
1+ (570-) 362-0283
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Including files for templates
I'm trying to write a template system, my template is the HTML layout, and my content is fetched from another source. However I don't quite understand how to output the template so that all the variables are parsed by PHP. Simple version of what I'm trying to do; ob_start( ); extract( $params, EXTR_PREFIX_SAME, "am_"); $pageContent = file_get_contents( "page_to_display.html"); include( "template.html"); echo ob_get_clean( ); $pageTitle is in the template, it's replaced, $pageContent is in the template, it's replaced. But any variables within the page_to_display are simply output into the page rather than processed by PHP. I realise that file_get_contents is basically returning a string and I"m just doing string replacement when I include the template.html, so my only question is, what's the actual way of doing this? Thanks -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On Jan 24, 2008 1:05 PM, Jason Pruim <[EMAIL PROTECTED]> wrote: > > You just made my life so much earlier! Thank you! Yes, you guessed it. I am your father. -- Daniel P. Brown Senior Unix Geek and #1 Rated "Year's Coolest Guy" By Self Since Nineteen-Seventy-[mumble]. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On Jan 23, 2008, at 4:43 PM, Daniel Brown wrote:
On Jan 23, 2008 4:19 PM, Jason Pruim <[EMAIL PROTECTED]> wrote:
Okay, so I have this mostly working now! if I put my
ini_set("include_path", "blah/to/balh"); on each and every page. I
know I could include a file that is in the document root which
specified that, but I was wondering if I was missing something?
Obviously other then changing the php.ini file?
You do know you can set overrides for PHP in .htaccess, or even
have a whole php.ini file in the directory in which you're working,
right?
Holy frickin' crap I had never even thought about it, but it works
great! it also helps to make the app more portable because I can set
the include path in there so that they don't have to change it
You just made my life so much earlier! Thank you!
You can either set `php_flag include_path path/to/blah` in
.htaccess (without the backticks, of course), or you can place a
php.ini file in the same directory as the files to override the values
(if they're INI_PERDIR or similar, anyway).
--
Daniel P. Brown
Senior Unix Geek and #1 Rated "Year's Coolest Guy" By Self Since
Nineteen-Seventy-[mumble].
--
Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424
www.raoset.com
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On Wed, January 23, 2008 3:19 pm, Jason Pruim wrote:
> Okay, so I have this mostly working now! if I put my
> ini_set("include_path", "blah/to/balh"); on each and every page. I
> know I could include a file that is in the document root which
> specified that, but I was wondering if I was missing something?
> Obviously other then changing the php.ini file?
Change php.ini or use .htacces (if you use Apache) or have ONE include
file in the webtree that does this and include that.
--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/from/lynch
Yeah, I get a buck. So?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On Wed, January 23, 2008 1:50 pm, Roberto Mansfield wrote: > Jason Pruim wrote: >> >>> Been doing some reading on security and have decided that I should >>> be >>> storing my include files outside of the document root... Which I >>> understand how to do it, but what I'm wondering, is say I write the >>> Next Killer App (tm). How would I port that code easily off of my >>> server and put it into a downloadable file for the millions of >>> people >>> who will download and run the Next Killer App (tm)? > > I tend to keep the directories in the document root, but I deny access > via an .htaccess file. This keeps the code in a simple directory > structure. Anyone else doing that? I used to do that. Then I had to move the site one day. Simple enough... tar -cvf moving.tar httpdocs gzip moving.tar Copy the file over, and untar it: tar -xzvf moving.tar.gz Should be all good to go, right? Wrong! tar didn't snag all the .htaccess files. For a brief moment in time my source code was exposed. And the admin had no password protection. And the images being generated by PHP|GD didn't work. And... I found and fixed it easily enough, but it would have gone undetected for a long time if I hadn't had the other issues. So I don't do that anymore, and I put the .inc files outside the web tree. ymmv -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On Jan 23, 2008 4:19 PM, Jason Pruim <[EMAIL PROTECTED]> wrote:
> Okay, so I have this mostly working now! if I put my
> ini_set("include_path", "blah/to/balh"); on each and every page. I
> know I could include a file that is in the document root which
> specified that, but I was wondering if I was missing something?
> Obviously other then changing the php.ini file?
You do know you can set overrides for PHP in .htaccess, or even
have a whole php.ini file in the directory in which you're working,
right?
You can either set `php_flag include_path path/to/blah` in
.htaccess (without the backticks, of course), or you can place a
php.ini file in the same directory as the files to override the values
(if they're INI_PERDIR or similar, anyway).
--
Daniel P. Brown
Senior Unix Geek and #1 Rated "Year's Coolest Guy" By Self Since
Nineteen-Seventy-[mumble].
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On Jan 23, 2008, at 2:42 PM, Richard Lynch wrote:
On Wed, January 23, 2008 8:37 am, Jason Pruim wrote:
On Jan 22, 2008, at 3:57 PM, Jason Pruim wrote:
Hi everyone,
#1. When including files outside of the webroot do you need to
specify the entire path? Like for me, that would be something like:
"/
volumes/raider/webserver/includes/projectname/includeme.php" or can I
just stop at: "/webserver/includes/projectname/includeme.php"?
Neither. :-)
Figure out how PHP's include_path feature works and use that.
http://php.net/set_include_path
You should use set_include_path to define what directory[ies] PHP
should search, and then just do:
include 'includeme.php';
Okay, so I have this mostly working now! if I put my
ini_set("include_path", "blah/to/balh"); on each and every page. I
know I could include a file that is in the document root which
specified that, but I was wondering if I was missing something?
Obviously other then changing the php.ini file?
--
Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424
www.raoset.com
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On Jan 23, 2008 3:28 PM, Jason Pruim <[EMAIL PROTECTED]> wrote: > I didn't realize that... That's good info. I always hear people > talking about .htaccess files on all the different lists I'm on so I > thought it was an industry standard thing :) > > Now I can shut my brain down because I learned my 1 new thing for today! Learn more: http://en.wikipedia.org/wiki/.htaccess -- Daniel P. Brown Senior Unix Geek and #1 Rated "Year's Coolest Guy" By Self Since Nineteen-Seventy-[mumble]. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On Jan 23, 2008, at 3:04 PM, Daniel Brown wrote: On Jan 23, 2008 2:56 PM, Jason Pruim <[EMAIL PROTECTED]> wrote: that's why I made my decision. Not to say it's the right one, just a step in the right direction. To me it also seems more portable across hosts to have access outside of your webroot vs. access to .htaccess It's far more portable, because every HTTP server out there knows how to handle paths, but only Apache knows how to handle an .htaccess file. So you can forget being able to use that same code on IIS, tinyhttpd, Boa, AnalogX SimpleServer:WWW (an old favorite!), et cetera. If it only works with one specific HTTP server, that's a serious limit. I didn't realize that... That's good info. I always hear people talking about .htaccess files on all the different lists I'm on so I thought it was an industry standard thing :) Now I can shut my brain down because I learned my 1 new thing for today! "m Beer" -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On Jan 23, 2008 2:56 PM, Jason Pruim <[EMAIL PROTECTED]> wrote: > that's why I made my decision. Not to say it's the right one, just a > step in the right direction. To me it also seems more portable across > hosts to have access outside of your webroot vs. access to .htaccess It's far more portable, because every HTTP server out there knows how to handle paths, but only Apache knows how to handle an .htaccess file. So you can forget being able to use that same code on IIS, tinyhttpd, Boa, AnalogX SimpleServer:WWW (an old favorite!), et cetera. If it only works with one specific HTTP server, that's a serious limit. -- Daniel P. Brown Senior Unix Geek and #1 Rated "Year's Coolest Guy" By Self Since Nineteen-Seventy-[mumble]. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
Daniel Brown wrote: > On Jan 23, 2008 2:50 PM, Roberto Mansfield <[EMAIL PROTECTED]> wrote: >> I tend to keep the directories in the document root, but I deny access >> via an .htaccess file. This keeps the code in a simple directory >> structure. Anyone else doing that? > > My fear on that is if there's changes to the server. Say, for > example, someone takes over my job (which will happen someday, one way > or another), and they are charged with upgrading services on the > server. While doing Apache, they "accidentally" (for argument's sake) > forget to properly configure the AllowOverrides and AddHandler/AddType > directives. Now .htaccess isn't read and doesn't bar access to the > directory, and the files have full source disclosure - including any > database login credentials, et cetera. > > This is what we like to call a Bad Thing[tm]. > Ahh, an excellent point. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On Jan 23, 2008 2:50 PM, Roberto Mansfield <[EMAIL PROTECTED]> wrote: > I tend to keep the directories in the document root, but I deny access > via an .htaccess file. This keeps the code in a simple directory > structure. Anyone else doing that? My fear on that is if there's changes to the server. Say, for example, someone takes over my job (which will happen someday, one way or another), and they are charged with upgrading services on the server. While doing Apache, they "accidentally" (for argument's sake) forget to properly configure the AllowOverrides and AddHandler/AddType directives. Now .htaccess isn't read and doesn't bar access to the directory, and the files have full source disclosure - including any database login credentials, et cetera. This is what we like to call a Bad Thing[tm]. -- Daniel P. Brown Senior Unix Geek and #1 Rated "Year's Coolest Guy" By Self Since Nineteen-Seventy-[mumble]. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On Jan 23, 2008, at 2:50 PM, Roberto Mansfield wrote: Jason Pruim wrote: Been doing some reading on security and have decided that I should be storing my include files outside of the document root... Which I understand how to do it, but what I'm wondering, is say I write the Next Killer App (tm). How would I port that code easily off of my server and put it into a downloadable file for the millions of people who will download and run the Next Killer App (tm)? I tend to keep the directories in the document root, but I deny access via an .htaccess file. This keeps the code in a simple directory structure. Anyone else doing that? -Roberto I used to just throw everything in the same directory, include files, config files, pictures, css, html, php etc. etc. etc... When I made my decision to put the includes out side of the webroot it was because of a article I read by Chris Shiflett[1] that said basically that this way of including files was safer then using a .htaccess file to block access to it. that's why I made my decision. Not to say it's the right one, just a step in the right direction. To me it also seems more portable across hosts to have access outside of your webroot vs. access to .htaccess files. But I could be wrong, I have been lucky enough to always have a company server with php at my full control so I could use what ever I needed when I needed it. [1]http://shiflett.org/articles/secure-design -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
Jason Pruim wrote: > >> Been doing some reading on security and have decided that I should be >> storing my include files outside of the document root... Which I >> understand how to do it, but what I'm wondering, is say I write the >> Next Killer App (tm). How would I port that code easily off of my >> server and put it into a downloadable file for the millions of people >> who will download and run the Next Killer App (tm)? I tend to keep the directories in the document root, but I deny access via an .htaccess file. This keeps the code in a simple directory structure. Anyone else doing that? -Roberto -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On Wed, January 23, 2008 8:37 am, Jason Pruim wrote: > > On Jan 22, 2008, at 3:57 PM, Jason Pruim wrote: > >> Hi everyone, >> > #1.When including files outside of the webroot do you need to > specify the entire path? Like for me, that would be something like: "/ > volumes/raider/webserver/includes/projectname/includeme.php" or can I > just stop at: "/webserver/includes/projectname/includeme.php"? Neither. :-) Figure out how PHP's include_path feature works and use that. http://php.net/set_include_path You should use set_include_path to define what directory[ies] PHP should search, and then just do: include 'includeme.php'; > #2. Anyone got any small programming jobs that I can hone my skills > with? :) You know, the kind of projects that you guru's don't want to > do because you're too busy writting the Next Killer App (tm) but would > be perfect learning experience/easy way to put some cash in the > pocket? :) Non-profits/Charities often have programming needs not being met by traditional (costly) developers. They may have SOME cash, but not a lot. And there's always somebody wanting yet another shopping cart store-front installation... -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On Jan 22, 2008 8:48 PM, Richard Lynch <[EMAIL PROTECTED]> wrote: > On Tue, January 22, 2008 7:17 pm, Daniel Brown wrote: > > You may disagree with me on this here, Rich, but the way I do it > > is to have a single include_files.php file containing all of the files > > that need to be included as a whole, and a single configuration > > variable to set where those files are located. I know that they don't > > all have to be included in that file, but I find it makes it easier, > > since I use all of them with every page load. > > Can I put that include_files.php outside the web-tree as well? > > Or is the rest of your application bypassing include_path to force it > to be inside the web-tree? Yes, the include_files.php file can be put anywhere. I leave it in the web tree, but it certainly doesn't have to be kept there. > > I also employ a function safe_include($filename) that uses a > > combination of file_exists($filename), is_file($filename), and > > is_readable($filename). If the function fails, no PHP error message > > is output if the file can't be found, and the script doesn't > > necessarily halt. If it's a critical file, instead a message is > > dispatched to my email, and a friendly message is placed on the site > > informing the user that a technical error has been encountered and > > will be repaired ASAP. > > This sounds nifty for your own clients, but I don't think it would > work well for, say, BB or Cake or phpMyAdmin... No, that's for proprietary, single-production systems, and the systems won't be reused. > I'm pretty sure the authors of those don't want an email from every > broken install... :-) You got that damn straight! ;-) -- Daniel P. Brown Senior Unix Geek and #1 Rated "Year's Coolest Guy" By Self Since Nineteen-Seventy-[mumble]. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
2008. 01. 23, szerda keltezéssel 09.37-kor Jason Pruim ezt írta: > On Jan 22, 2008, at 3:57 PM, Jason Pruim wrote: > > > Hi everyone, > > > > Been doing some reading on security and have decided that I should > > be storing my include files outside of the document root... Which I > > understand how to do it, but what I'm wondering, is say I write the > > Next Killer App (tm). How would I port that code easily off of my > > server and put it into a downloadable file for the millions of > > people who will download and run the Next Killer App (tm)? > > > > Err... That doesn't make it very clear... Is there a program for > > Macintosh or Unix that I could use to grab all the source code from > > where ever I have it set? Or would I need to make my own? Or should > > I just quit being lazy and grab it my self? :) > > > Yes I know I'm answering my own post... :) > > Thanks for all the suggestions that I received! It's helped me figure > out some of the stuff, and now I just need a project to test some of > the stuff with! > > Oh, and for an IDE I discovered that Apple XCode works very well as a > php editor and file management system. Looks like it will work > perfectly! > > I do have 2 questions though... > > #1.When including files outside of the webroot do you need to > specify the entire path? Like for me, that would be something like: "/ > volumes/raider/webserver/includes/projectname/includeme.php" or can I > just stop at: "/webserver/includes/projectname/includeme.php"? you need either full path, or put the directory in include_path in php.ini > > #2. Anyone got any small programming jobs that I can hone my skills > with? :) You know, the kind of projects that you guru's don't want to > do because you're too busy writting the Next Killer App (tm) but would > be perfect learning experience/easy way to put some cash in the > pocket? :) as soon as I will have any jobs like that I'll email you :) greets Zoltán Németh > > > -- > > Jason Pruim > Raoset Inc. > Technology Manager > MQC Specialist > 3251 132nd ave > Holland, MI, 49424 > www.raoset.com > [EMAIL PROTECTED] > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
Quoting Jason Pruim <[EMAIL PROTECTED]>: On Jan 22, 2008, at 3:57 PM, Jason Pruim wrote: Hi everyone, Been doing some reading on security and have decided that I should be storing my include files outside of the document root... Which I understand how to do it, but what I'm wondering, is say I write the Next Killer App (tm). How would I port that code easily off of my server and put it into a downloadable file for the millions of people who will download and run the Next Killer App (tm)? Err... That doesn't make it very clear... Is there a program for Macintosh or Unix that I could use to grab all the source code from where ever I have it set? Or would I need to make my own? Or should I just quit being lazy and grab it my self? :) Yes I know I'm answering my own post... :) Thanks for all the suggestions that I received! It's helped me figure out some of the stuff, and now I just need a project to test some of the stuff with! Oh, and for an IDE I discovered that Apple XCode works very well as a php editor and file management system. Looks like it will work perfectly! I do have 2 questions though... #1. When including files outside of the webroot do you need to specify the entire path? Like for me, that would be something like: "/volumes/raider/webserver/includes/projectname/includeme.php" or can I just stop at: "/webserver/includes/projectname/includeme.php"? It depends. If you set your include_path to /webserver/includes (outside your webroot) Then you can include the files like include "projectname/includeme.php"; If the files are not in your include_path you either need to provide the full path. Or set the include path in your application and go from there. #2. Anyone got any small programming jobs that I can hone my skills with? :) You know, the kind of projects that you guru's don't want to do because you're too busy writting the Next Killer App (tm) but would be perfect learning experience/easy way to put some cash in the pocket? :) Can't help you with this one :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On Jan 22, 2008, at 3:57 PM, Jason Pruim wrote: Hi everyone, Been doing some reading on security and have decided that I should be storing my include files outside of the document root... Which I understand how to do it, but what I'm wondering, is say I write the Next Killer App (tm). How would I port that code easily off of my server and put it into a downloadable file for the millions of people who will download and run the Next Killer App (tm)? Err... That doesn't make it very clear... Is there a program for Macintosh or Unix that I could use to grab all the source code from where ever I have it set? Or would I need to make my own? Or should I just quit being lazy and grab it my self? :) Yes I know I'm answering my own post... :) Thanks for all the suggestions that I received! It's helped me figure out some of the stuff, and now I just need a project to test some of the stuff with! Oh, and for an IDE I discovered that Apple XCode works very well as a php editor and file management system. Looks like it will work perfectly! I do have 2 questions though... #1. When including files outside of the webroot do you need to specify the entire path? Like for me, that would be something like: "/ volumes/raider/webserver/includes/projectname/includeme.php" or can I just stop at: "/webserver/includes/projectname/includeme.php"? #2. Anyone got any small programming jobs that I can hone my skills with? :) You know, the kind of projects that you guru's don't want to do because you're too busy writting the Next Killer App (tm) but would be perfect learning experience/easy way to put some cash in the pocket? :) -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On Tue, January 22, 2008 7:17 pm, Daniel Brown wrote: > On Jan 22, 2008 8:09 PM, Richard Lynch <[EMAIL PROTECTED]> wrote: >> Nothing peeves me more than some badly-conceived web-app with no way >> to move the include files out of the web-tree. > > You may disagree with me on this here, Rich, but the way I do it > is to have a single include_files.php file containing all of the files > that need to be included as a whole, and a single configuration > variable to set where those files are located. I know that they don't > all have to be included in that file, but I find it makes it easier, > since I use all of them with every page load. Can I put that include_files.php outside the web-tree as well? Or is the rest of your application bypassing include_path to force it to be inside the web-tree? > I also employ a function safe_include($filename) that uses a > combination of file_exists($filename), is_file($filename), and > is_readable($filename). If the function fails, no PHP error message > is output if the file can't be found, and the script doesn't > necessarily halt. If it's a critical file, instead a message is > dispatched to my email, and a friendly message is placed on the site > informing the user that a technical error has been encountered and > will be repaired ASAP. This sounds nifty for your own clients, but I don't think it would work well for, say, BB or Cake or phpMyAdmin... I'm pretty sure the authors of those don't want an email from every broken install... :-) -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On Jan 22, 2008 8:09 PM, Richard Lynch <[EMAIL PROTECTED]> wrote: > Nothing peeves me more than some badly-conceived web-app with no way > to move the include files out of the web-tree. You may disagree with me on this here, Rich, but the way I do it is to have a single include_files.php file containing all of the files that need to be included as a whole, and a single configuration variable to set where those files are located. I know that they don't all have to be included in that file, but I find it makes it easier, since I use all of them with every page load. I also employ a function safe_include($filename) that uses a combination of file_exists($filename), is_file($filename), and is_readable($filename). If the function fails, no PHP error message is output if the file can't be found, and the script doesn't necessarily halt. If it's a critical file, instead a message is dispatched to my email, and a friendly message is placed on the site informing the user that a technical error has been encountered and will be repaired ASAP. -- Daniel P. Brown Senior Unix Geek and #1 Rated "Year's Coolest Guy" By Self Since Nineteen-Seventy-[mumble]. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On MOST setups, you might have: /yourhomedirectory /httpd_docs_or_something_like_that /index.php /page2.php /includes /globals.inc /connect.inc /sql So, pretty much, you'd do something like: tar -cvf my_site.tar http_docs includes gzip my_site.tar And then you'd just install that wherever... Nothing peeves me more than some badly-conceived web-app with no way to move the include files out of the web-tree. On Tue, January 22, 2008 2:57 pm, Jason Pruim wrote: > Hi everyone, > > Been doing some reading on security and have decided that I should be > storing my include files outside of the document root... Which I > understand how to do it, but what I'm wondering, is say I write the > Next Killer App (tm). How would I port that code easily off of my > server and put it into a downloadable file for the millions of people > who will download and run the Next Killer App (tm)? > > Err... That doesn't make it very clear... Is there a program for > Macintosh or Unix that I could use to grab all the source code from > where ever I have it set? Or would I need to make my own? Or should I > just quit being lazy and grab it my self? :) > > > -- > > Jason Pruim > Raoset Inc. > Technology Manager > MQC Specialist > 3251 132nd ave > Holland, MI, 49424 > www.raoset.com > [EMAIL PROTECTED] > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files outside of document root
On Jan 22, 2008 4:21 PM, Daniel Brown <[EMAIL PROTECTED]> wrote: > On Jan 22, 2008 3:57 PM, Jason Pruim <[EMAIL PROTECTED]> wrote: > > Hi everyone, > >Hi, Jason! > > > Been doing some reading on security and have decided that I should be > > storing my include files outside of the document root... Which I > > understand how to do it, but what I'm wondering, is say I write the > > Next Killer App (tm). How would I port that code easily off of my > > server and put it into a downloadable file for the millions of people > > who will download and run the Next Killer App (tm)? > >Absolutely. It's called a README file. Lots of well-designed > applications keep the includes out of the web root, as they should. > They're just included in a directory in the tarball, zip file, or > whatever is being used to package and distribute the code, with > installation instructions in the README or INSTALL file (or a similar > counterpart). > > > Err... That doesn't make it very clear... > >Yes it did. Leave it alone, it'll grow. > > > Is there a program for > > Macintosh or Unix that I could use to grab all the source code from > > where ever I have it set? Or would I need to make my own? Or should I > > just quit being lazy and grab it my self? :) > >There's always SVN and CVS for file structure and system > architecture, but a zip file or tarball would suffice. And you > certainly don't want them downloading the files from the actual > location on your server, since that defeats the purpose of placing > them outside of the web root. > >Just one example of this is how WHM AutoPilot handles the > situation. There's a database directory named mib_data that is > included in the zip file with all of the web files. The > README/INSTALL document tells you to place that folder outside of the > web root (for example, if on a cPanel or same-structure server, make > it ~/mib_data/). Very easy to understand and deploy. > > -- > > > Daniel P. Brown > Senior Unix Geek and #1 Rated "Year's Coolest Guy" By Self Since > Nineteen-Seventy-[mumble]. > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > I use Zend Studio. When a php file includes another file zend automatically includes that file in my current project. This is a nice feature. -- shout at http://me.cmyweb.net/ comment on http://talk.cmyweb.net/ All time available for Hire/Contract/Full Time :)
Re: [PHP] including files outside of document root
On Jan 22, 2008 3:57 PM, Jason Pruim <[EMAIL PROTECTED]> wrote: > Hi everyone, Hi, Jason! > Been doing some reading on security and have decided that I should be > storing my include files outside of the document root... Which I > understand how to do it, but what I'm wondering, is say I write the > Next Killer App (tm). How would I port that code easily off of my > server and put it into a downloadable file for the millions of people > who will download and run the Next Killer App (tm)? Absolutely. It's called a README file. Lots of well-designed applications keep the includes out of the web root, as they should. They're just included in a directory in the tarball, zip file, or whatever is being used to package and distribute the code, with installation instructions in the README or INSTALL file (or a similar counterpart). > Err... That doesn't make it very clear... Yes it did. Leave it alone, it'll grow. > Is there a program for > Macintosh or Unix that I could use to grab all the source code from > where ever I have it set? Or would I need to make my own? Or should I > just quit being lazy and grab it my self? :) There's always SVN and CVS for file structure and system architecture, but a zip file or tarball would suffice. And you certainly don't want them downloading the files from the actual location on your server, since that defeats the purpose of placing them outside of the web root. Just one example of this is how WHM AutoPilot handles the situation. There's a database directory named mib_data that is included in the zip file with all of the web files. The README/INSTALL document tells you to place that folder outside of the web root (for example, if on a cPanel or same-structure server, make it ~/mib_data/). Very easy to understand and deploy. -- Daniel P. Brown Senior Unix Geek and #1 Rated "Year's Coolest Guy" By Self Since Nineteen-Seventy-[mumble]. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] including files outside of document root
Hi everyone, Been doing some reading on security and have decided that I should be storing my include files outside of the document root... Which I understand how to do it, but what I'm wondering, is say I write the Next Killer App (tm). How would I port that code easily off of my server and put it into a downloadable file for the millions of people who will download and run the Next Killer App (tm)? Err... That doesn't make it very clear... Is there a program for Macintosh or Unix that I could use to grab all the source code from where ever I have it set? Or would I need to make my own? Or should I just quit being lazy and grab it my self? :) -- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Including files from another site
The security issue is important because I don't want anyone to be able to use the websites database admin scripts without logging into the CMS first. Otherwise anyone who happened to type in www.oneofmywebsites.com/cms would be able to make unwanted changes to that particular sites database. From previous reply, I know you believe two log-in's are not user friendly, but (from my reading) that's what the big boys do (i.e., eBay, Amazon) for a more secure log-in. I don't filly understand it, but from what I've read it's a combination of both your log-on/password and a session ID -- but then, a second log-in changes the session id which makes it more difficult to hack. HTH's tedd -- http://sperling.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Including files from another site
""Richard Lynch"" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > On Mon, April 17, 2006 5:45 am, Shaun wrote: >> I have created a CMS where all sites on our server are administrated >> from >> one central site, and HTML content is stored in the CMS database. >> >> I want users to all control their sites database functions from the >> CMS >> site, but I want to keep the database and database admin scripts in >> the >> individual website account to keep things simple. So I need want to be >> able >> to include these scripts within the CMS site but keep them secure. I >> have >> tried using frames but I can't keep a session going in the database >> admin >> scripts, is there a better way to do this? >> >> Any advice would be greatly appreciated. > > If you trust the source, you could just do: > > include 'http://example.com/central_core_files_shared_by_all.inc'; > ?> > > Or, if all these sites are on the same box, you don't even need to use > HTTP for the include... > > Exactly what are you trying to secure against? > > You make it sound like "keep them secure" is an absolute. It's not. > It's relative. > > -- > Like Music? > http://l-i-e.com/artists.htm Hi Richard, The security issue is important because I don't want anyone to be able to use the websites database admin scripts without logging into the CMS first. Otherwise anyone who happened to type in www.oneofmywebsites.com/cms would be able to make unwanted changes to that particular sites database. In answer to your second question both sites will be on the same box... -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Including files from another site
On Mon, April 17, 2006 5:45 am, Shaun wrote: > I have created a CMS where all sites on our server are administrated > from > one central site, and HTML content is stored in the CMS database. > > I want users to all control their sites database functions from the > CMS > site, but I want to keep the database and database admin scripts in > the > individual website account to keep things simple. So I need want to be > able > to include these scripts within the CMS site but keep them secure. I > have > tried using frames but I can't keep a session going in the database > admin > scripts, is there a better way to do this? > > Any advice would be greatly appreciated. If you trust the source, you could just do: http://example.com/central_core_files_shared_by_all.inc'; ?> Or, if all these sites are on the same box, you don't even need to use HTTP for the include... Exactly what are you trying to secure against? You make it sound like "keep them secure" is an absolute. It's not. It's relative. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Including files from another site
2 websites, or 2 web servers? Depends on the setup. Since you are "leaving" and "going" then it normally is a problem, in my experience, with them. What I do in cases of that is to pass a session value along via posting the data. Not always pretty, but it works. I guess the real determining factor is how the data is being passed, the flow of the bits so to speak. IE: if the users are on their site logged in and it pulls information from yours, then you will need to access their own sessions, not yours. however if they are logged into your site and accessing data on theirs, you need your session and to pass it over to theirs. The information path is the only way to really get a good picture, most of the time in cases where I had this happen, I had them log into one location and copied the files they would need to their server. I could always rsync their files from my server via a cron job or set php command script when needed. One thing you might also look at is a cookie. Not sure if you can write a cookie that both sites will be able to use or not, but that might be a way to hide their information for the pass through. IE: set the cookie from one site with access information for the other site... It might work that way as well, never tried it in practice, but logically it just might. And yeah, mod_rewrite works for it, but like I said, just something to keep an eye out for, depending on how concerned you are with someone phishing. Shaun wrote: > Thanks Wolf, > > Will there be a problem keeping 2 sessions from 2 websites running in one > browser? > > I will need one to validate the CMS login and one running in the other > website to ensure that $_SESSION['my_site'] is set? > > BTW I'm sure you know, but image phising can be resolved with mod_rewrite. > > > "Wolf" <[EMAIL PROTECTED]> wrote in message > news:[EMAIL PROTECTED] >> Personally I would use it as part of the session and verify it that way... >> >> ie: check to see if the $PHP_SELF is www.mycms.com, if not refresh the >> page to that URL automatically and then make them do the login. Only >> after logging in does the session key get the "mysite=true" key or >> whatever you want to check for. >> >> That SHOULD keep it from getting hacked, as your basically verifying at >> the beginning that you are only allowing entry from your location. >> >> You should also be making sure that your server does not allow others to >> host primary images so that nobody could phish your site. Paypal and >> chase are really lamely set up which is making phishing easier for >> people who use them. >> >> My $.02 >> >> Wolf >> >> Shaun wrote: >>> Hi, >>> >>> Thanks for your reply, just had a thought: How secure would it be if I >>> made >>> sure that the URL of the browser was www.mycms.com and only allow access >>> to >>> pages in the /cms folder if true? >>> >>> Is this safe or an easy hack? >>> >>> >>> "Wolf" <[EMAIL PROTECTED]> wrote in message >>> news:[EMAIL PROTECTED] >>>> So, swap your CMS logins to use the same access code for the user, then >>>> use sessions to swap the mysql stuff in where needed. >>>> >>>> Or make it use a mysql call from the CMS login to access their mysql >>>> information from another table and do it that way. >>>> >>>> 1 login, 1 password, very user friendly. >>>> >>>> And only 1 place to have to worry about changing files. >>>> >>>> HTH, >>>> >>>> Wolf >>>> >>>> >>>> Shaun wrote: >>>>> I see your point, the only problem is that the user will have already >>>>> logged >>>>> once into the CMS, logging in again would be a little frustrating and >>>>> not >>>>> very user friendly... >>>>> >>>>> >>>>> ""Weber Sites LTD"" <[EMAIL PROTECTED]> wrote in message >>>>> news:[EMAIL PROTECTED] >>>>>> I think that you are looking at this from the wrong angle. >>>>>> What you should do, is password protect all CMS directories >>>>>> And then, anyone that needs access has to punch in a valid >>>>>> Username and password. >>>>>> >>>>>> Have a look at : http://sourceforge.net/projects/modauthmysql/ >>>>>> >>>>>> Sincerely >>>>>> >>>>>> berber >>&g
Re: [PHP] Including files from another site
Thanks Wolf, Will there be a problem keeping 2 sessions from 2 websites running in one browser? I will need one to validate the CMS login and one running in the other website to ensure that $_SESSION['my_site'] is set? BTW I'm sure you know, but image phising can be resolved with mod_rewrite. "Wolf" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Personally I would use it as part of the session and verify it that way... > > ie: check to see if the $PHP_SELF is www.mycms.com, if not refresh the > page to that URL automatically and then make them do the login. Only > after logging in does the session key get the "mysite=true" key or > whatever you want to check for. > > That SHOULD keep it from getting hacked, as your basically verifying at > the beginning that you are only allowing entry from your location. > > You should also be making sure that your server does not allow others to > host primary images so that nobody could phish your site. Paypal and > chase are really lamely set up which is making phishing easier for > people who use them. > > My $.02 > > Wolf > > Shaun wrote: >> Hi, >> >> Thanks for your reply, just had a thought: How secure would it be if I >> made >> sure that the URL of the browser was www.mycms.com and only allow access >> to >> pages in the /cms folder if true? >> >> Is this safe or an easy hack? >> >> >> "Wolf" <[EMAIL PROTECTED]> wrote in message >> news:[EMAIL PROTECTED] >>> So, swap your CMS logins to use the same access code for the user, then >>> use sessions to swap the mysql stuff in where needed. >>> >>> Or make it use a mysql call from the CMS login to access their mysql >>> information from another table and do it that way. >>> >>> 1 login, 1 password, very user friendly. >>> >>> And only 1 place to have to worry about changing files. >>> >>> HTH, >>> >>> Wolf >>> >>> >>> Shaun wrote: >>>> I see your point, the only problem is that the user will have already >>>> logged >>>> once into the CMS, logging in again would be a little frustrating and >>>> not >>>> very user friendly... >>>> >>>> >>>> ""Weber Sites LTD"" <[EMAIL PROTECTED]> wrote in message >>>> news:[EMAIL PROTECTED] >>>>> I think that you are looking at this from the wrong angle. >>>>> What you should do, is password protect all CMS directories >>>>> And then, anyone that needs access has to punch in a valid >>>>> Username and password. >>>>> >>>>> Have a look at : http://sourceforge.net/projects/modauthmysql/ >>>>> >>>>> Sincerely >>>>> >>>>> berber >>>>> >>>>> Visit the Weber Sites Today, >>>>> To see where PHP might take you tomorrow. >>>>> PHP code examples : http://www.weberdev.com >>>>> PHP & MySQL Forums : http://www.weberforums.com >>>>> >>>>> >>>>> >>>>> -Original Message- >>>>> From: Shaun [mailto:[EMAIL PROTECTED] >>>>> Sent: Monday, April 17, 2006 2:52 PM >>>>> To: php-general@lists.php.net >>>>> Subject: Re: [PHP] Including files from another site >>>>> >>>>> Hi, >>>>> >>>>> Thanks for your reply, sorry I should have been a little clearer in my >>>>> explanation. Here goes... >>>>> >>>>> I have a dedicated UNIX server with many websites on it. On this >>>>> server >>>>> I >>>>> have also created a Content Management System which has a database >>>>> which >>>>> I >>>>> use to store HTML content for all the other websites. Each website has >>>>> a >>>>> database connection to the CMS database to retrieve the HTML for its >>>>> pages. >>>>> >>>>> Each website that uses its own database has a folder called /cms and >>>>> in >>>>> here >>>>> I keep all the database admin scripts for that website. I want these >>>>> pages >>>>> to only be accessible from within the CMS website and nothing else. So >>>>> when >>>>> the user is in the CMS they can click on database admin and it will >
Re: [PHP] Including files from another site
Personally I would use it as part of the session and verify it that way... ie: check to see if the $PHP_SELF is www.mycms.com, if not refresh the page to that URL automatically and then make them do the login. Only after logging in does the session key get the "mysite=true" key or whatever you want to check for. That SHOULD keep it from getting hacked, as your basically verifying at the beginning that you are only allowing entry from your location. You should also be making sure that your server does not allow others to host primary images so that nobody could phish your site. Paypal and chase are really lamely set up which is making phishing easier for people who use them. My $.02 Wolf Shaun wrote: > Hi, > > Thanks for your reply, just had a thought: How secure would it be if I made > sure that the URL of the browser was www.mycms.com and only allow access to > pages in the /cms folder if true? > > Is this safe or an easy hack? > > > "Wolf" <[EMAIL PROTECTED]> wrote in message > news:[EMAIL PROTECTED] >> So, swap your CMS logins to use the same access code for the user, then >> use sessions to swap the mysql stuff in where needed. >> >> Or make it use a mysql call from the CMS login to access their mysql >> information from another table and do it that way. >> >> 1 login, 1 password, very user friendly. >> >> And only 1 place to have to worry about changing files. >> >> HTH, >> >> Wolf >> >> >> Shaun wrote: >>> I see your point, the only problem is that the user will have already >>> logged >>> once into the CMS, logging in again would be a little frustrating and not >>> very user friendly... >>> >>> >>> ""Weber Sites LTD"" <[EMAIL PROTECTED]> wrote in message >>> news:[EMAIL PROTECTED] >>>> I think that you are looking at this from the wrong angle. >>>> What you should do, is password protect all CMS directories >>>> And then, anyone that needs access has to punch in a valid >>>> Username and password. >>>> >>>> Have a look at : http://sourceforge.net/projects/modauthmysql/ >>>> >>>> Sincerely >>>> >>>> berber >>>> >>>> Visit the Weber Sites Today, >>>> To see where PHP might take you tomorrow. >>>> PHP code examples : http://www.weberdev.com >>>> PHP & MySQL Forums : http://www.weberforums.com >>>> >>>> >>>> >>>> -Original Message- >>>> From: Shaun [mailto:[EMAIL PROTECTED] >>>> Sent: Monday, April 17, 2006 2:52 PM >>>> To: php-general@lists.php.net >>>> Subject: Re: [PHP] Including files from another site >>>> >>>> Hi, >>>> >>>> Thanks for your reply, sorry I should have been a little clearer in my >>>> explanation. Here goes... >>>> >>>> I have a dedicated UNIX server with many websites on it. On this server >>>> I >>>> have also created a Content Management System which has a database which >>>> I >>>> use to store HTML content for all the other websites. Each website has a >>>> database connection to the CMS database to retrieve the HTML for its >>>> pages. >>>> >>>> Each website that uses its own database has a folder called /cms and in >>>> here >>>> I keep all the database admin scripts for that website. I want these >>>> pages >>>> to only be accessible from within the CMS website and nothing else. So >>>> when >>>> the user is in the CMS they can click on database admin and it will >>>> include >>>> the pages in that websites /cms folder. >>>> >>>> My Question is how can I ensure that the CMS is the only website that >>>> can >>>> access these scripts securely? >>>> >>>> Thanks for your advice. >>>> >>>> >>>> ""Weber Sites LTD"" <[EMAIL PROTECTED]> wrote in message >>>> news:[EMAIL PROTECTED] >>>>> I'm not sure I understand what you are trying to do. >>>>> What is the connection between frames and security? >>>>> >>>>> In general, assuming that all users have access to The same scripts, >>>>> you need to include in all of your Scripts some kind of security logic >>>>> that tells the Script which user can do what. >>>>>
Re: [PHP] Including files from another site
Hi, Thanks for your reply, just had a thought: How secure would it be if I made sure that the URL of the browser was www.mycms.com and only allow access to pages in the /cms folder if true? Is this safe or an easy hack? "Wolf" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > So, swap your CMS logins to use the same access code for the user, then > use sessions to swap the mysql stuff in where needed. > > Or make it use a mysql call from the CMS login to access their mysql > information from another table and do it that way. > > 1 login, 1 password, very user friendly. > > And only 1 place to have to worry about changing files. > > HTH, > > Wolf > > > Shaun wrote: >> I see your point, the only problem is that the user will have already >> logged >> once into the CMS, logging in again would be a little frustrating and not >> very user friendly... >> >> >> ""Weber Sites LTD"" <[EMAIL PROTECTED]> wrote in message >> news:[EMAIL PROTECTED] >>> I think that you are looking at this from the wrong angle. >>> What you should do, is password protect all CMS directories >>> And then, anyone that needs access has to punch in a valid >>> Username and password. >>> >>> Have a look at : http://sourceforge.net/projects/modauthmysql/ >>> >>> Sincerely >>> >>> berber >>> >>> Visit the Weber Sites Today, >>> To see where PHP might take you tomorrow. >>> PHP code examples : http://www.weberdev.com >>> PHP & MySQL Forums : http://www.weberforums.com >>> >>> >>> >>> -Original Message- >>> From: Shaun [mailto:[EMAIL PROTECTED] >>> Sent: Monday, April 17, 2006 2:52 PM >>> To: php-general@lists.php.net >>> Subject: Re: [PHP] Including files from another site >>> >>> Hi, >>> >>> Thanks for your reply, sorry I should have been a little clearer in my >>> explanation. Here goes... >>> >>> I have a dedicated UNIX server with many websites on it. On this server >>> I >>> have also created a Content Management System which has a database which >>> I >>> use to store HTML content for all the other websites. Each website has a >>> database connection to the CMS database to retrieve the HTML for its >>> pages. >>> >>> Each website that uses its own database has a folder called /cms and in >>> here >>> I keep all the database admin scripts for that website. I want these >>> pages >>> to only be accessible from within the CMS website and nothing else. So >>> when >>> the user is in the CMS they can click on database admin and it will >>> include >>> the pages in that websites /cms folder. >>> >>> My Question is how can I ensure that the CMS is the only website that >>> can >>> access these scripts securely? >>> >>> Thanks for your advice. >>> >>> >>> ""Weber Sites LTD"" <[EMAIL PROTECTED]> wrote in message >>> news:[EMAIL PROTECTED] >>>> I'm not sure I understand what you are trying to do. >>>> What is the connection between frames and security? >>>> >>>> In general, assuming that all users have access to The same scripts, >>>> you need to include in all of your Scripts some kind of security logic >>>> that tells the Script which user can do what. >>>> >>>> Usually you would want to also allow group access Rather then user >>>> access for easier maintenance. >>>> >>>> You should keep a user table with user, password And privileges. There >>>> are endless ways to do this And you need to choose what is best for >>>> your site. >>>> >>>> Have a look at some relevant code examples: >>>> http://www.weberdev.com/AdvancedSearch.php?searchtype=title&search=aut >>>> h >>>> >>>> berber >>>> >>>> -Original Message- >>>> From: Shaun [mailto:[EMAIL PROTECTED] >>>> Sent: Monday, April 17, 2006 12:46 PM >>>> To: php-general@lists.php.net >>>> Subject: [PHP] Including files from another site >>>> >>>> Hi, >>>> >>>> I have created a CMS where all sites on our server are administrated >>>> from one central site, and HTML content is stored in the CMS database. >>>> >>>> I want users to all control their sites database functions from the >>>> CMS site, but I want to keep the database and database admin scripts >>>> in the individual website account to keep things simple. So I need >>>> want to be able to include these scripts within the CMS site but keep >>>> them secure. I have tried using frames but I can't keep a session >>>> going in the database admin scripts, is there a better way to do this? >>>> >>>> Any advice would be greatly appreciated. >>>> >>>> -- >>>> PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: >>>> http://www.php.net/unsub.php >>> -- >>> PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: >>> http://www.php.net/unsub.php >> -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Including files from another site
So, swap your CMS logins to use the same access code for the user, then use sessions to swap the mysql stuff in where needed. Or make it use a mysql call from the CMS login to access their mysql information from another table and do it that way. 1 login, 1 password, very user friendly. And only 1 place to have to worry about changing files. HTH, Wolf Shaun wrote: > I see your point, the only problem is that the user will have already logged > once into the CMS, logging in again would be a little frustrating and not > very user friendly... > > > ""Weber Sites LTD"" <[EMAIL PROTECTED]> wrote in message > news:[EMAIL PROTECTED] >> I think that you are looking at this from the wrong angle. >> What you should do, is password protect all CMS directories >> And then, anyone that needs access has to punch in a valid >> Username and password. >> >> Have a look at : http://sourceforge.net/projects/modauthmysql/ >> >> Sincerely >> >> berber >> >> Visit the Weber Sites Today, >> To see where PHP might take you tomorrow. >> PHP code examples : http://www.weberdev.com >> PHP & MySQL Forums : http://www.weberforums.com >> >> >> >> -Original Message- >> From: Shaun [mailto:[EMAIL PROTECTED] >> Sent: Monday, April 17, 2006 2:52 PM >> To: php-general@lists.php.net >> Subject: Re: [PHP] Including files from another site >> >> Hi, >> >> Thanks for your reply, sorry I should have been a little clearer in my >> explanation. Here goes... >> >> I have a dedicated UNIX server with many websites on it. On this server I >> have also created a Content Management System which has a database which I >> use to store HTML content for all the other websites. Each website has a >> database connection to the CMS database to retrieve the HTML for its >> pages. >> >> Each website that uses its own database has a folder called /cms and in >> here >> I keep all the database admin scripts for that website. I want these pages >> to only be accessible from within the CMS website and nothing else. So >> when >> the user is in the CMS they can click on database admin and it will >> include >> the pages in that websites /cms folder. >> >> My Question is how can I ensure that the CMS is the only website that can >> access these scripts securely? >> >> Thanks for your advice. >> >> >> ""Weber Sites LTD"" <[EMAIL PROTECTED]> wrote in message >> news:[EMAIL PROTECTED] >>> I'm not sure I understand what you are trying to do. >>> What is the connection between frames and security? >>> >>> In general, assuming that all users have access to The same scripts, >>> you need to include in all of your Scripts some kind of security logic >>> that tells the Script which user can do what. >>> >>> Usually you would want to also allow group access Rather then user >>> access for easier maintenance. >>> >>> You should keep a user table with user, password And privileges. There >>> are endless ways to do this And you need to choose what is best for >>> your site. >>> >>> Have a look at some relevant code examples: >>> http://www.weberdev.com/AdvancedSearch.php?searchtype=title&search=aut >>> h >>> >>> berber >>> >>> -Original Message- >>> From: Shaun [mailto:[EMAIL PROTECTED] >>> Sent: Monday, April 17, 2006 12:46 PM >>> To: php-general@lists.php.net >>> Subject: [PHP] Including files from another site >>> >>> Hi, >>> >>> I have created a CMS where all sites on our server are administrated >>> from one central site, and HTML content is stored in the CMS database. >>> >>> I want users to all control their sites database functions from the >>> CMS site, but I want to keep the database and database admin scripts >>> in the individual website account to keep things simple. So I need >>> want to be able to include these scripts within the CMS site but keep >>> them secure. I have tried using frames but I can't keep a session >>> going in the database admin scripts, is there a better way to do this? >>> >>> Any advice would be greatly appreciated. >>> >>> -- >>> PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: >>> http://www.php.net/unsub.php >> -- >> PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: >> http://www.php.net/unsub.php > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Including files from another site
I see your point, the only problem is that the user will have already logged once into the CMS, logging in again would be a little frustrating and not very user friendly... ""Weber Sites LTD"" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] >I think that you are looking at this from the wrong angle. > What you should do, is password protect all CMS directories > And then, anyone that needs access has to punch in a valid > Username and password. > > Have a look at : http://sourceforge.net/projects/modauthmysql/ > > Sincerely > > berber > > Visit the Weber Sites Today, > To see where PHP might take you tomorrow. > PHP code examples : http://www.weberdev.com > PHP & MySQL Forums : http://www.weberforums.com > > > > -Original Message- > From: Shaun [mailto:[EMAIL PROTECTED] > Sent: Monday, April 17, 2006 2:52 PM > To: php-general@lists.php.net > Subject: Re: [PHP] Including files from another site > > Hi, > > Thanks for your reply, sorry I should have been a little clearer in my > explanation. Here goes... > > I have a dedicated UNIX server with many websites on it. On this server I > have also created a Content Management System which has a database which I > use to store HTML content for all the other websites. Each website has a > database connection to the CMS database to retrieve the HTML for its > pages. > > Each website that uses its own database has a folder called /cms and in > here > I keep all the database admin scripts for that website. I want these pages > to only be accessible from within the CMS website and nothing else. So > when > the user is in the CMS they can click on database admin and it will > include > the pages in that websites /cms folder. > > My Question is how can I ensure that the CMS is the only website that can > access these scripts securely? > > Thanks for your advice. > > > ""Weber Sites LTD"" <[EMAIL PROTECTED]> wrote in message > news:[EMAIL PROTECTED] >> I'm not sure I understand what you are trying to do. >> What is the connection between frames and security? >> >> In general, assuming that all users have access to The same scripts, >> you need to include in all of your Scripts some kind of security logic >> that tells the Script which user can do what. >> >> Usually you would want to also allow group access Rather then user >> access for easier maintenance. >> >> You should keep a user table with user, password And privileges. There >> are endless ways to do this And you need to choose what is best for >> your site. >> >> Have a look at some relevant code examples: >> http://www.weberdev.com/AdvancedSearch.php?searchtype=title&search=aut >> h >> >> berber >> >> -Original Message- >> From: Shaun [mailto:[EMAIL PROTECTED] >> Sent: Monday, April 17, 2006 12:46 PM >> To: php-general@lists.php.net >> Subject: [PHP] Including files from another site >> >> Hi, >> >> I have created a CMS where all sites on our server are administrated >> from one central site, and HTML content is stored in the CMS database. >> >> I want users to all control their sites database functions from the >> CMS site, but I want to keep the database and database admin scripts >> in the individual website account to keep things simple. So I need >> want to be able to include these scripts within the CMS site but keep >> them secure. I have tried using frames but I can't keep a session >> going in the database admin scripts, is there a better way to do this? >> >> Any advice would be greatly appreciated. >> >> -- >> PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: >> http://www.php.net/unsub.php > > -- > PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: > http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Including files from another site
I think that you are looking at this from the wrong angle. What you should do, is password protect all CMS directories And then, anyone that needs access has to punch in a valid Username and password. Have a look at : http://sourceforge.net/projects/modauthmysql/ Sincerely berber Visit the Weber Sites Today, To see where PHP might take you tomorrow. PHP code examples : http://www.weberdev.com PHP & MySQL Forums : http://www.weberforums.com -Original Message- From: Shaun [mailto:[EMAIL PROTECTED] Sent: Monday, April 17, 2006 2:52 PM To: php-general@lists.php.net Subject: Re: [PHP] Including files from another site Hi, Thanks for your reply, sorry I should have been a little clearer in my explanation. Here goes... I have a dedicated UNIX server with many websites on it. On this server I have also created a Content Management System which has a database which I use to store HTML content for all the other websites. Each website has a database connection to the CMS database to retrieve the HTML for its pages. Each website that uses its own database has a folder called /cms and in here I keep all the database admin scripts for that website. I want these pages to only be accessible from within the CMS website and nothing else. So when the user is in the CMS they can click on database admin and it will include the pages in that websites /cms folder. My Question is how can I ensure that the CMS is the only website that can access these scripts securely? Thanks for your advice. ""Weber Sites LTD"" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > I'm not sure I understand what you are trying to do. > What is the connection between frames and security? > > In general, assuming that all users have access to The same scripts, > you need to include in all of your Scripts some kind of security logic > that tells the Script which user can do what. > > Usually you would want to also allow group access Rather then user > access for easier maintenance. > > You should keep a user table with user, password And privileges. There > are endless ways to do this And you need to choose what is best for > your site. > > Have a look at some relevant code examples: > http://www.weberdev.com/AdvancedSearch.php?searchtype=title&search=aut > h > > berber > > -Original Message- > From: Shaun [mailto:[EMAIL PROTECTED] > Sent: Monday, April 17, 2006 12:46 PM > To: php-general@lists.php.net > Subject: [PHP] Including files from another site > > Hi, > > I have created a CMS where all sites on our server are administrated > from one central site, and HTML content is stored in the CMS database. > > I want users to all control their sites database functions from the > CMS site, but I want to keep the database and database admin scripts > in the individual website account to keep things simple. So I need > want to be able to include these scripts within the CMS site but keep > them secure. I have tried using frames but I can't keep a session > going in the database admin scripts, is there a better way to do this? > > Any advice would be greatly appreciated. > > -- > PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: > http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Including files from another site
Hi, Thanks for your reply, sorry I should have been a little clearer in my explanation. Here goes... I have a dedicated UNIX server with many websites on it. On this server I have also created a Content Management System which has a database which I use to store HTML content for all the other websites. Each website has a database connection to the CMS database to retrieve the HTML for its pages. Each website that uses its own database has a folder called /cms and in here I keep all the database admin scripts for that website. I want these pages to only be accessible from within the CMS website and nothing else. So when the user is in the CMS they can click on database admin and it will include the pages in that websites /cms folder. My Question is how can I ensure that the CMS is the only website that can access these scripts securely? Thanks for your advice. ""Weber Sites LTD"" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > I'm not sure I understand what you are trying to do. > What is the connection between frames and security? > > In general, assuming that all users have access to > The same scripts, you need to include in all of your > Scripts some kind of security logic that tells the > Script which user can do what. > > Usually you would want to also allow group access > Rather then user access for easier maintenance. > > You should keep a user table with user, password > And privileges. There are endless ways to do this > And you need to choose what is best for your site. > > Have a look at some relevant code examples: > http://www.weberdev.com/AdvancedSearch.php?searchtype=title&search=auth > > berber > > -Original Message- > From: Shaun [mailto:[EMAIL PROTECTED] > Sent: Monday, April 17, 2006 12:46 PM > To: php-general@lists.php.net > Subject: [PHP] Including files from another site > > Hi, > > I have created a CMS where all sites on our server are administrated from > one central site, and HTML content is stored in the CMS database. > > I want users to all control their sites database functions from the CMS > site, but I want to keep the database and database admin scripts in the > individual website account to keep things simple. So I need want to be > able > to include these scripts within the CMS site but keep them secure. I have > tried using frames but I can't keep a session going in the database admin > scripts, is there a better way to do this? > > Any advice would be greatly appreciated. > > -- > PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: > http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Including files from another site
I'm not sure I understand what you are trying to do. What is the connection between frames and security? In general, assuming that all users have access to The same scripts, you need to include in all of your Scripts some kind of security logic that tells the Script which user can do what. Usually you would want to also allow group access Rather then user access for easier maintenance. You should keep a user table with user, password And privileges. There are endless ways to do this And you need to choose what is best for your site. Have a look at some relevant code examples: http://www.weberdev.com/AdvancedSearch.php?searchtype=title&search=auth berber -Original Message- From: Shaun [mailto:[EMAIL PROTECTED] Sent: Monday, April 17, 2006 12:46 PM To: php-general@lists.php.net Subject: [PHP] Including files from another site Hi, I have created a CMS where all sites on our server are administrated from one central site, and HTML content is stored in the CMS database. I want users to all control their sites database functions from the CMS site, but I want to keep the database and database admin scripts in the individual website account to keep things simple. So I need want to be able to include these scripts within the CMS site but keep them secure. I have tried using frames but I can't keep a session going in the database admin scripts, is there a better way to do this? Any advice would be greatly appreciated. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Including files from another site
Hi, I have created a CMS where all sites on our server are administrated from one central site, and HTML content is stored in the CMS database. I want users to all control their sites database functions from the CMS site, but I want to keep the database and database admin scripts in the individual website account to keep things simple. So I need want to be able to include these scripts within the CMS site but keep them secure. I have tried using frames but I can't keep a session going in the database admin scripts, is there a better way to do this? Any advice would be greatly appreciated. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Including files within a class definition
Hi,
I have a program which generates classes based on table structures within
a database. However there are a few times where I need to put custom
methods within these generated classes.
I want to be able to do this but php gives an error for the following include
class generatedClass {
var $this = 0;
function here($strVar){
echo 'this';
}
include (extended_methods_stuff.php);
}
I know that I can probably extend this class to add the extra
functionality however the other generated classes rely on the name of this
class so I cannot just extend this class and it's name cannot change.
Is there any way to have an include prior to the class being parsed?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files from different sub directories
* Thus wrote Allex ([EMAIL PROTECTED]):
> Hi all,
>
> What's the syntax for including/requiring files located in directories
> different than the root directory? Especially files from different sub
> directories under the root? Going down ("classes/globals.php") is ok,
> but going up ("../globals.php") makes problems
What you need to pay attention to is the php.ini setting:
include_path
By default there is a value as '.' meaning relative to the calling
script. What might be a good idea is adding a path to the root of
your includes script to the setting (ie. /path/to/web_root) So
all inlucdes no matter what file is including them uses the same
syntax.
index.php: include_once('classes/globals.php')
dbase.php: include_once('classes/globals.php')
controller.php:include_once('classes/dataaccess/dbase.php')
>
> root (dir)
> +-classes (dir)
> | +-interface (dir)
> | | |-controller.php
> | +-dataaccess (dir)
> | | |-dbase.php
> | |globals.php
> |index.php
> |
>
You might want to consider moving your included files outside your
public web tree:
home (dir)
+-web root (dir)
| |-index.php
|
+-include root (dir)
+-classes (dir)
| +-interface (dir)
| | |-controller.php
| +-dataaccess (dir)
| | |-dbase.php
| |globals.php
Then set the php_include path to
/path/to/include root/
Then all your include/requires are made relative to the include
root.
HTH,
Curt
--
"My PHP key is worn out"
PHP List stats since 1997:
http://zirzow.dyndns.org/html/mlists/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files from different sub directories
including/requiring a file does not change the directory, the code is
simply inserted into the current context. So you should have:
index.php: include_once('classes/globals.php')
dbase.php: include_once('classes/globals.php')
controller.php:include_once('classes/dataaccess/dbase.php')
Allex wrote:
Hi all,
What's the syntax for including/requiring files located in directories
different than the root directory? Especially files from different sub
directories under the root? Going down ("classes/globals.php") is ok,
but going up ("../globals.php") makes problems
Example:
index.php: include_once('classes/globals.php') -> works fine;
dbase.php: include_once('../globals.php') -> generates an error;
controller.php:include_once('../dataaccess/dbase.php') -> error;
root (dir)
+-classes (dir)
| +-interface (dir)
| | |-controller.php
| +-dataaccess (dir)
| | |-dbase.php
| |globals.php
|index.php
|
I'm running PHP 4.3.2 with Apache 2 on WinXP box.
Thanks,
Allex
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] including files from different sub directories
Hi all,
What's the syntax for including/requiring files located in directories
different than the root directory? Especially files from different sub
directories under the root? Going down ("classes/globals.php") is ok,
but going up ("../globals.php") makes problems
Example:
index.php: include_once('classes/globals.php') -> works fine;
dbase.php: include_once('../globals.php') -> generates an error;
controller.php:include_once('../dataaccess/dbase.php') -> error;
root (dir)
+-classes (dir)
| +-interface (dir)
| | |-controller.php
| +-dataaccess (dir)
| | |-dbase.php
| |globals.php
|index.php
|
I'm running PHP 4.3.2 with Apache 2 on WinXP box.
Thanks,
Allex
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] including files with open_basedir restriction
In response to the post found at: http://marc.theaimsgroup.com/?l=php-general&m=104913671122253&w=2 I would like to use open_basedir to stop users from reading the contents of system files, while using include/require to let users take advantage of scripts that I have created. These scripts have DB passwords which I would like to keep secret. While they are outside of the Apache document root, this post states "include() must be relative to one of the directories listed in open_basedir". This would allow users, knowing the name of the script, to read its contents with an fopen(). As there are many ways to skin small mammals, what security mechanisms are there in place to prevent this from happening? Are there any other approaches I can take to solve this problem? I think, ultimately, what I am asking for is a way to allow access for the php interpreter to parse the file (with include) while disallowing access to open the file for reading with fopen). Thank you for taking the time to read this. I would be very grateful to hear any experiences and suggestions the users of this list may have. Sincerely, Adam -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] including files in PHP-pdf development
> -Original Message- > From: Bill Hudspeth [mailto:[EMAIL PROTECTED] > Sent: 14 March 2003 20:07 > > I am developing an application that ouputs the results of a > database query > to a PDF file using PHP. The only real problem I have > encountered is in > trying to use the "include" and/or "require" keywords. I have > a block of > code in another file that needs to called several times from my main > PDF-generating PHP file. As of yet, the standard use of > include or require > doesn't seem to work: > > i.e.include 'output.inc'; That looks fine, so we need more info: - *How* doesn't it work (error message (quote in full)? nothing happens? keyboard explodes? ...?) - some relevant code -- maybe 20-30 lines around the problem one, with a clear indication of which is the failing line. - anything else that seems relevant. Cheers! Mike - Mike Ford, Electronic Information Services Adviser, Learning Support Services, Learning & Information Services, JG125, James Graham Building, Leeds Metropolitan University, Beckett Park, LEEDS, LS6 3QS, United Kingdom Email: [EMAIL PROTECTED] Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] including files in PHP-pdf development
Hello, I am developing an application that ouputs the results of a database query to a PDF file using PHP. The only real problem I have encountered is in trying to use the "include" and/or "require" keywords. I have a block of code in another file that needs to called several times from my main PDF-generating PHP file. As of yet, the standard use of include or require doesn't seem to work: i.e.include 'output.inc'; Any ideas on what's going on or on how I might be able to introduce my code block multiple times into the main file? Thanks, Bill -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] including files...
Another option is to place the files outside of your web root. The include files can be anywhere on your machine, you just have to give a good path when you include() them. If they are outside of your web root, then they can never be called up in a browser. Last option is to name the files with a .php extension, but this should only be used if absolutely necessary. The reason it's a problem is that your file can be called by itself and executed "out of context." This may or may not be a big deal, depending on what you've got in the file. If you only put functions or classes inside of includes, with no code outside of the functions, then naming them with a .php extension doesn't pose a problems. ---John W. Holmes... PHP Architect - A monthly magazine for PHP Professionals. Get your copy today. http://www.phparch.com/ > -Original Message- > From: Sunfire [mailto:[EMAIL PROTECTED]] > Sent: Sunday, February 02, 2003 6:08 PM > To: Justin French; [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: Re: [PHP] including files... > > how do you tell it to refuse file.inc with a .taxis file? the server i > will > be running this on is a public server and they dont allow .taxis files i > dont think...i will have to check and see > > - Original Message - > From: "Justin French" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>; "'Sunfire'" <[EMAIL PROTECTED]>; > <[EMAIL PROTECTED]> > Sent: Sunday, February 02, 2003 5:46 PM > Subject: Re: [PHP] including files... > > > > on 03/02/03 5:28 AM, John W. Holmes ([EMAIL PROTECTED]) wrote: > > > > > Pretty much. Only addition is to make sure filename.inc can't be > viewed > > > through the browser. > > > > ... by having apache refuse to server all .inc files through http, via > the > > use of a .htaccess file (assuming apache server) > > > > Cheers, > > > > Justin > > > > > > -- > > PHP General Mailing List (http://www.php.net/) > > To unsubscribe, visit: http://www.php.net/unsub.php > > > > > > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.443 / Virus Database: 248 - Release Date: 1/10/2003 > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files...
how do you tell it to refuse file.inc with a .taxis file? the server i will be running this on is a public server and they dont allow .taxis files i dont think...i will have to check and see - Original Message - From: "Justin French" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; "'Sunfire'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Sunday, February 02, 2003 5:46 PM Subject: Re: [PHP] including files... > on 03/02/03 5:28 AM, John W. Holmes ([EMAIL PROTECTED]) wrote: > > > Pretty much. Only addition is to make sure filename.inc can't be viewed > > through the browser. > > ... by having apache refuse to server all .inc files through http, via the > use of a .htaccess file (assuming apache server) > > Cheers, > > Justin > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.443 / Virus Database: 248 - Release Date: 1/10/2003 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files...
on 03/02/03 5:28 AM, John W. Holmes ([EMAIL PROTECTED]) wrote: > Pretty much. Only addition is to make sure filename.inc can't be viewed > through the browser. ... by having apache refuse to server all .inc files through http, via the use of a .htaccess file (assuming apache server) Cheers, Justin -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] including files...
> hi was just wondering if there was a way to have a php file with all
> constant variables like db mysqluser and password and a few other
things
> defined in a file of its own and then be able to use the variables in
it
> for
> the project it was built for?
>
> the last i knew it could be done and all i needed to do was make the
file
> put the definitions in it and then put:
> include("filename.inc"); at the top of the page..is this right or is
there
> more to it than that?
Pretty much. Only addition is to make sure filename.inc can't be viewed
through the browser.
---John W. Holmes...
PHP Architect - A monthly magazine for PHP Professionals. Get your copy
today. http://www.phparch.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] including files...
On Sunday 02 February 2003 23:53, Sunfire wrote:
> hi was just wondering if there was a way to have a php file with all
> constant variables like db mysqluser and password and a few other things
> defined in a file of its own and then be able to use the variables in it
> for the project it was built for?
>
> the last i knew it could be done and all i needed to do was make the file
> put the definitions in it and then put:
> include("filename.inc"); at the top of the page..is this right
Yes.
> or is there
> more to it than that?
Not really.
I just don't understand, it would have been _far_ easier for you to test it
for yourself by writing a single-line file to init a variable, then a
two-line file to include 1st file and display variable, than to have posted
to the list.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-general
--
/*
I called my parents the other night, but I forgot about the time difference.
They're still living in the fifties.
-- Strange de Jim
*/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] including files...
hi was just wondering if there was a way to have a php file with all
constant variables like db mysqluser and password and a few other things
defined in a file of its own and then be able to use the variables in it for
the project it was built for?
the last i knew it could be done and all i needed to do was make the file
put the definitions in it and then put:
include("filename.inc"); at the top of the page..is this right or is there
more to it than that?
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.443 / Virus Database: 248 - Release Date: 1/10/2003
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] Including files and functions
[snip] I have A LOT of files that are already made, but does now Want to make a printerfriendly version of every file, but Ran into some problems How can i solve this without have to change every READILE.HTM files ?? [/snip] If I understand you have a look at CSS on http://www.w3c.org. HTH! Jay He who laughs last thinks slowest! * * Texas PHP Developers Conf Spring 2003* * T Bar M Resort & Conference Center* * New Braunfels, Texas * * Contact [EMAIL PROTECTED] * * * * Want to present a paper or workshop? Contact now! * * -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Including files and functions
Hello
I have A LOT of files that are already made, but does now
Want to make a printerfriendly version of every file, but
Ran into some problems
How can i solve this without have to change every READILE.HTM files ??
FILE 'DEFAULT.HTM'
if (eregi ("PRINT.HTM", $PHP_SELF)) {
exit;
}
HERE IT IS TEXT
if (function_exists('write')) {
call_user_func ('write');
}
AND HERE THERE IS TEXT
FILE 'READFILE.HTM'
if(!isset($mainfile)) { include("DEFAULT.HTM"); }
function innhold() {
THE TEXT HERE
MORE TEXT
A LINK TO PRINT.HTM GOES HERE
}
FILE 'PRINT.HTM'
$print = $HTTP_REFERER;
... HERE GOES CODES FOR BRAKING THE $print READY FOR INCLUDE
include "$print";
if (function_exists('write')) {
call_user_func ('write');
}
Regards
Bård Tommy Nilsen
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Including Files
Is there a way to setup either the apache/php directives to produce a custom 404 if an include file "fails to be included" ?? Or is this a job for .HTACCESS?? Regards, ~Craig -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Including files & variables ...
There's no need to 'pass' any variables. HINT: pretend the include() command is being replaced with the code in your include file, this means that whatever variables are set/available at that point will also be available in the include. On Mon, 28 Jan 2002 18:54:02 -0800, Evansville Scene wrote: >I'm having problems passing variables into included PHP files. How can I do this? > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Including files & variables ...
On Wednesday 02 January 2002 20:43, you wrote:
> What you need to do is simply set the variables before you include
> the script.
>
> When you include a script with include() or require(), they fall
> into the same namespace as the include() or require() function that
> called them.
I read that in the manual too, but I have never understoud how it
really works. I use require_once in function and the files I include
have many class and function definitions in it (I include them when I
really need them to make things faster). So when I try to imagine how
it works, I feel that it shouldn't.
Becuse if I put the files in place of the require_onces I would get a
code like this:
function foo() {
class foo2 {
function foo2() {
...
}
...
}
class foo3 { ... }
...
}
And it looks strange, but it works well, I use it frequently. Does
anybody know why is this code works actually?
Thanks,
Arpi
p.s. of course it's only a theoretical question. I don't have to
understand really, but it's good to know what I rely on.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Including files & variables ...
What you need to do is simply set the variables before you include the script. When you include a script with include() or require(), they fall into the same namespace as the include() or require() function that called them. Best Regards, Jason Garber IonZoft.com At 06:54 PM 1/28/2002 -0800, Evansville Scene wrote: >I'm having problems passing variables into included PHP files. How can I >do this? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Including files & variables ...
Make sure you include the tags in your include file for PHP parsing. Included files are assumed to be text otherwise. You need to provide more information if you have another problem. - Original Message - From: "Evansville Scene" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, January 28, 2002 9:54 PM Subject: [PHP] Including files & variables ... I'm having problems passing variables into included PHP files. How can I do this? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Including files & variables ...
I may be repeating myself -- use the Nike solution: just do it! :-) Global variables are implicitly passed to includes. Please provide more info if that's not the case (not globals/globals somehow not being passed). Bogdan Evansville Scene wrote: > I'm having problems passing variables into included PHP files. How can I do this? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Including files & variables ...
I'm having problems passing variables into included PHP files. How can I do this?
Re: SV: SV: [PHP] Including files without loosing my string
On Tue, 25 Sep 2001 17:46, Bård Tommy Nilsen wrote:
> Can you write me an short example ??
>
>
> Bård Tommy Nilsen
[About passing arguments to functions and global scoping]
Declaring $id global:
function doit() {
global $id;
echo $id;
}
$id = 1;
doit();
output is 1
Passing $id as parameter:
function doit($input) {
echo $input;
}
$id = 1;
doit($id);
output is 1
See the sections of the manual on Functions and variable scope for more
information.
--
David Robley Techno-JoaT, Web Maintainer, Mail List Admin, etc
CENTRE FOR INJURY STUDIES Flinders University, SOUTH AUSTRALIA
printf("to C or not to C...that is the question/n");
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
SV: SV: [PHP] Including files without loosing my string
Can you write me an short example ??
Bård Tommy Nilsen
-Opprinnelig melding-
Fra: David Robley [mailto:[EMAIL PROTECTED]]
Sendt: 25. september 2001 10:11
Til: Bård Tommy Nilsen; [EMAIL PROTECTED]
Emne: Re: SV: [PHP] Including files without loosing my string
On Tue, 25 Sep 2001 17:32, Bård Tommy Nilsen wrote:
> Thats only if i call the index.php file first.
> For that i have another solution
> if (function_exists('func')) {
> call_user_func ('func');
> } else {
> include 'main.php';
>
> But thats not the problem.
>
> I am using id in an sql query, but not shown in my example (sorry :) )
> But i wanted to show what i am after, and that is that the
> id string cant be called after including index.php ...
>
>
> Bård Tommy Nilsen
If you want to access id, you know that it is available as $id; but if
you want it accessible within the function, you either have to pass it to
the function as a parameter or delcare it as global within the function.
>
>
> -Opprinnelig melding-
> Fra: David Robley [mailto:[EMAIL PROTECTED]]
> Sendt: 25. september 2001 09:56
> Til: Bård Tommy Nilsen; [EMAIL PROTECTED]
> Emne: Re: [PHP] Including files without loosing my string
>
> On Tue, 25 Sep 2001 17:01, Bård Tommy Nilsen wrote:
> > Hello !
> >
> > I am trying to keep my string after including av file.
> >
> > file1.php:
> > (accessed with file1.php?id=1)
> >
> > > include 'index.php';
> >
> > function func() {
> > echo "buddy";
> > }
> > ?>
> >
> > index.php:
> > > echo "Hello";
> > if (function_exists('func')) {
> > call_user_func ('func');
> > }
> >
> > The output should then be "Hello buddy";
> >
> > Can anyone help me with this one ??
> >
> > Regards
> > Bård Tommy Nilsen
>
> In most languages, you must declare a function _before_ calling it. In
> your case, your program looks like this after the include:
>
> // include 'index.php';
> echo "Hello";
> if (function_exists('func')) {
> call_user_func ('func');
> }
> function func() {
> echo "buddy";
> }
>
> So you have no function at the time you test for it :-)
>
> --
> David Robley Techno-JoaT, Web Maintainer, Mail List Admin, etc
> CENTRE FOR INJURY STUDIES Flinders University, SOUTH AUSTRALIA
>
>Useless Invention: Rollerblade skates for peglegs.
--
David Robley Techno-JoaT, Web Maintainer, Mail List Admin, etc
CENTRE FOR INJURY STUDIES Flinders University, SOUTH AUSTRALIA
"Unto thee," Jesus said verily.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: SV: [PHP] Including files without loosing my string
On Tue, 25 Sep 2001 17:32, Bård Tommy Nilsen wrote:
> Thats only if i call the index.php file first.
> For that i have another solution
> if (function_exists('func')) {
> call_user_func ('func');
> } else {
> include 'main.php';
>
> But thats not the problem.
>
> I am using id in an sql query, but not shown in my example (sorry :) )
> But i wanted to show what i am after, and that is that the
> id string cant be called after including index.php ...
>
>
> Bård Tommy Nilsen
If you want to access id, you know that it is available as $id; but if
you want it accessible within the function, you either have to pass it to
the function as a parameter or delcare it as global within the function.
>
>
> -Opprinnelig melding-
> Fra: David Robley [mailto:[EMAIL PROTECTED]]
> Sendt: 25. september 2001 09:56
> Til: Bård Tommy Nilsen; [EMAIL PROTECTED]
> Emne: Re: [PHP] Including files without loosing my string
>
> On Tue, 25 Sep 2001 17:01, Bård Tommy Nilsen wrote:
> > Hello !
> >
> > I am trying to keep my string after including av file.
> >
> > file1.php:
> > (accessed with file1.php?id=1)
> >
> > > include 'index.php';
> >
> > function func() {
> > echo "buddy";
> > }
> > ?>
> >
> > index.php:
> > > echo "Hello";
> > if (function_exists('func')) {
> > call_user_func ('func');
> > }
> >
> > The output should then be "Hello buddy";
> >
> > Can anyone help me with this one ??
> >
> > Regards
> > Bård Tommy Nilsen
>
> In most languages, you must declare a function _before_ calling it. In
> your case, your program looks like this after the include:
>
> // include 'index.php';
> echo "Hello";
> if (function_exists('func')) {
> call_user_func ('func');
> }
> function func() {
> echo "buddy";
> }
>
> So you have no function at the time you test for it :-)
>
> --
> David Robley Techno-JoaT, Web Maintainer, Mail List Admin, etc
> CENTRE FOR INJURY STUDIES Flinders University, SOUTH AUSTRALIA
>
>Useless Invention: Rollerblade skates for peglegs.
--
David Robley Techno-JoaT, Web Maintainer, Mail List Admin, etc
CENTRE FOR INJURY STUDIES Flinders University, SOUTH AUSTRALIA
"Unto thee," Jesus said verily.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
SV: [PHP] Including files without loosing my string
Thats only if i call the index.php file first.
For that i have another solution
if (function_exists('func')) {
call_user_func ('func');
} else {
include 'main.php';
But thats not the problem.
I am using id in an sql query, but not shown in my example (sorry :) )
But i wanted to show what i am after, and that is that the
id string cant be called after including index.php ...
Bård Tommy Nilsen
-Opprinnelig melding-
Fra: David Robley [mailto:[EMAIL PROTECTED]]
Sendt: 25. september 2001 09:56
Til: Bård Tommy Nilsen; [EMAIL PROTECTED]
Emne: Re: [PHP] Including files without loosing my string
On Tue, 25 Sep 2001 17:01, Bård Tommy Nilsen wrote:
> Hello !
>
> I am trying to keep my string after including av file.
>
> file1.php:
> (accessed with file1.php?id=1)
>
> include 'index.php';
>
> function func() {
> echo "buddy";
> }
> ?>
>
> index.php:
> echo "Hello";
> if (function_exists('func')) {
> call_user_func ('func');
> }
>
> The output should then be "Hello buddy";
>
> Can anyone help me with this one ??
>
> Regards
> Bård Tommy Nilsen
In most languages, you must declare a function _before_ calling it. In
your case, your program looks like this after the include:
http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] Including files without loosing my string
On Tue, 25 Sep 2001 17:01, Bård Tommy Nilsen wrote:
> Hello !
>
> I am trying to keep my string after including av file.
>
> file1.php:
> (accessed with file1.php?id=1)
>
> include 'index.php';
>
> function func() {
> echo "buddy";
> }
> ?>
>
> index.php:
> echo "Hello";
> if (function_exists('func')) {
> call_user_func ('func');
> }
>
> The output should then be "Hello buddy";
>
> Can anyone help me with this one ??
>
> Regards
> Bård Tommy Nilsen
In most languages, you must declare a function _before_ calling it. In
your case, your program looks like this after the include:
http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Including files without loosing my string
Hello ! I am trying to keep my string after including av file. file1.php: (accessed with file1.php?id=1) index.php: http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
