tags:

views:

34

answers:

2
Q: 

Including a file via variable

This seems like the most basic thing in the world, but I don't know PHP.

I am trying to include a file on my page, and the directory of that file is specified inside of a variable.

<?php
    $pageGroup = 'news';
    $directory = 'http://localhost:8888/includes/'.$pageGroup.'/rightCol.html';
    include($directory);
?>

When I echo the results of $directory, I get "http://localhost:8888/includes/news/rightCol.html", which is exactly right. Yet when I try to include the file at that directory, nothing happens. I am assuming this has something to do with the include syntax.

Any suggestions are appreciated.

A: 

You don't want to include a http:// resource because of security concerns. Rather than you need to get it's contents via file_get_contents but if this is a simple page element you can use include without the full url.

fabrik  2010-07-30 13:25:52
if the page I am at is 'http://localhost:8888/news/' how do traverse up to '/includes'? I understand that PHP doesn't recognize `/` to go back to the site root as with HTML...
Squirkle  2010-07-30 13:30:04
fabrik: Yes you can. See http://www.php.net/manual/en/filesystem.configuration.php#ini.allow-url-include
Krab  2010-07-30 13:30:07
It's an amazing security hole, right :)
fabrik  2010-07-30 13:38:31
Yes, basically it's an eval where you can't check what will be evaluated.
Krab  2010-07-30 14:55:12
A: 

Make sure that you have allow_url_fopen settings turned on from php.ini.

Having said that, there are security risks attached to that, see:

Suggestion:

To include files, don't use complete url path, use just file/folder paths.

Example:

include "/includes/news/rightCol.html"; // get from specified dir
include "../rightCol.html"; // get from parent dir
include "../../rightCol.html"; // get from parent parent dir

To include files from root, you might want to prefix your path with:

$_SERVER['DOCUMENT_ROOT'];
Sarfraz  2010-07-30 13:26:02
This code will appear on several different pages inside several different directories and subdirectories...would `/includes/news/rightCol.html` always navigate to the same spot in PHP?
Squirkle  2010-07-30 13:31:31
allow_url_include has to be on too. But it certainly is a security risk. And including local file with variable name can be also dangerous.
Krab  2010-07-30 13:32:17
@Squirkle: It depends on the path of your current script. You can either use `../` to specify directories up level or use absolute path `$_SERVER['DOCUMENT_ROOT'] . /includes/news/rightCol.html;`.
Sarfraz  2010-07-30 13:35:56
Ahh. `$_SERVER['DOCUMENT_ROOT'].'includes/'.$pageGroup.'rightCol.html'` does the trick. Thanks!
Squirkle  2010-07-30 13:37:15

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases