I am relatively new to this whole MVC structure for web apps.
Here is the structure of my project.
The file you see on the right of the picture is inside the 'Views' folder.
When I want to link a css file, why does the path have to be href="/css/stylePortfolio.css"
Why is it not href="../../public/css/stylePortfolio.css"?
What you are looking at, is the HTML that is sent to the users' browser. The browser does not know anything about the structure of your application. It simply reads that href link, and downloads the file from http://example.com<link>, where <link> is /css/main.css for example.
When configured correctly, the web root of your website is in your /public folder. That means, anything that a browser requests, is relative to your web root. Thus, if you want to link to a css file, you need to think of that link relatively to your projects web root, not relatively to your project root.
An example:
Say, you create a new project in /home/user/AwesomePhpProject.
Now, /home/user/AwesomePhpProject is called your project root.
In your project root, you create a directory, public. You configure that directory to be your web root, using VirtualHost (when using Apache) or the root directive (when using Nginx).
/home/user/AwesomePhpProject/public is now your web root.
When a browser requests /css/main.css, it will be directed to /css/main.css relative to your web root. In our case, that will be /home/user/AwesomePhpProject/public/css/main.css.
Most modern applications separate the project and web root, for security reasons.
As your index.php is inside the public folder, so all the views are loading in the public folder. That is why you should declare the CSS path from the public root. You can modify the path if necessary.
In this case, you can declare a global variable or constant your main controller with the path of your CSS folder
define('CSS_PATH', 'http://localhost/fab/public/css/');
Now use this like
<link rel="stylesheet" href="<?=CSS_PATH?>bootstrap.css">
It's because front-end links (like CSS and JS) are relative from current file you are in. And since your root is in public you have to specify URL from this directory (you can't link to any file in top level of root).
Why is it not href="../../public/css/stylePortfolio.css"?
Because entry point of your MVC is index.php from public folder. So all your css and js links should be relative to public folder
Related
I need some help.
I was reading the security recommendations of my hosting service and they say that ideally just put the
index file and files like css, js and img inside my root folder, and that all other files should be placed
off, that is, a level above.
I tried doing this in my tests, and I had some problems. The structure of the hosting folders is:
/
/htdocs
Inside /htdocs I put the index.php file and when accessing it through the url exemple.com/index.php works normally.
But putting other test files out of htdocs is what starts the problem. For example, if I have a file called contact.php
and I try to access it through the url exemple.com/contact.php I get the 404 error message.
So the question I have to ask is:
Is it possible to access url files that are outside of htdocs, or better to put all the files that will be accessed by the url inside
of htdocs and leave only configuration files outside this folder, like class, functions, database connection, etc?
And if it is possible to access the files by url, how would I rewrite these urls in htaccess?
and that all other files should be placed off
Yes, this is good practice. However, you're misunderstanding the implementation.
You can not directly access files outside the document root. But you can indirectly access them. I.e., the web server can't see them, but your programming code can.
Ideally, your site would use the front controller pattern. Here, your index.php file would serve every page of your app by intercepting every request and then routing it to the correct end point. I.e., you would never directly request /contact.php, you'd instead request /contact, which would get funneled to /index.php, which would load the required resources from outside the doc root.
I have a PHP page on my site in a sub folder called Articles.
The page is article.php.
The article.php page requires a common php page called _head.php. This provides the header for the pages.
_head.php is located in the root directory.
The /Articles directory is a subdirectory within the root.
I've included this _head.php page in article.php this way:
<?php include("../_head.php"); ?>
And this works fine.
The problem, however, is that the image elements within _head.php are located in the 'images' subdirectory (also off the root) and are referenced relative to the _head.php being in the root, like this...
<img src="images/services.gif">
So if I use _head.php for files on the root, it works great and shows all the images correctly. But when I include _head.php into a php file that is not in the root, but instead in a subdirectory like /Articles (/Articles/articles.php), the images do not show up.
Do I need to change the _head.php file in how it references the images or is there some code I'm supposed to include in articles.php when including _head.php that tells it how to use _head.php?
I'm concerned about using all absolute paths because if I have to move this site to another server this is going to cause me issues.
Mentioning what I follow not going to the hierarchical complexity,
For any PHP file that is being imported into another PHP file in root simple include/require_once (<path>).
For any file below root accessing other file anywhere within the root I use include/require_once (../<path>).
For accessing files which are outside the root, I use the absolute path of that file.
Working on few php files what I have seen using absolute path is the best thing in two ways, a) you are free from remembering the paths of different files and b) if you are using CDN or if your files are on different servers then this is very helpful. Anyways opinions may vary, this is my personal view/choice.
Consider the following scenario: I have a vhost defined to some paths on my home folder.
say ~/web/project-name/ is my root. such that when i point to http://some-name/ it points to the index.php inside ~/web/project-name.
I've a Model-View-Controller framework (self-made/minimal) and my views contains different client side links (js, or css, or a href) Since I made my working folder root, i used absoulte path names (for instance /client/css/my.css ).
Now a friends comes in takes my projects. Copies it to /var/www/ So, now the contents of my website is not root, so my links in the views does not work?
What is the best way to mitigate the above problem?
I tried defining a constant ROOT as define('ROOT', dirname(__FILE__)) in my index.php, but it returns the absolute path like /home/cipher/...
I want to make a function such that it returns the path of my index.php relative to the web root!
Thanks in advance!
You might want to try a $_SERVER['DOCUMENT_ROOT'].
I'm trying to include a javascript file in a phmtl view script file using the zend framework. Both the javascript file and the phtml file are part of a php library and located outside the doc root folder of my project. So the file structure looks like
/var/www/vhosts/project/
/var/www/vhosts/libraries/my-lib/view/viewscript.phtml
/var/www/vhosts/libraries/my-lib/js/javascript.js
/var/www/vhosts/libraries/my-lib has been added to the PHP paths using set_include_path. In viewscript.phtml, I use the following line to include javascript.js.
<?php $this->headScript()->appendFile('js/javascript.js'); ?>
For some reason, javascript.js is not included, even if I specify the absolute path instead of a relative path. Instead, I get a whole copy of my webpage inside a tag in the head section. If I put javascript.js into the doc root folder /var/www/vhosts/project and change the appendFile() path, it works just fine. How can I include javascript outside of doc root?
Based on previous questions you've been asking I think your directories are something problematic for you.
here is a functionnal and secure example or directory organization for Zend Framework (partial)
var/
www/
vhosts/
otherproject/
project/
src/ <-- maybe some project src can be here and not in your libraries
htdocs/ <--- real apache document root
css/
js/
var/
log/
sessions/
etc/
doc/
libraries/
Zend/
my-lib/
js/
So apache documentRoot is /var/www/project/htdocs. Here we can find the index.php file, the only php file available on public access.
In htdocs/js & htdocs/css you can put some of your project js & css files. And then you've got the problem of css and js files of your external php libs that are now completly outside of the web root.
What I usually do is, like others have said here, links from external directories to the js directory inside the web root. But to be more precise and keep things well organized here what you should do there:
ln -s /var/www/project/libraries/my-lib/js /var/www/project/htdocs/js/my-lib
ln -s /var/www/project/libraries/my-lib/css /var/www/project/htdocs/css/my-lib
And you should do it for all external lib having files that should be in the document root.
This way the base url for the js files of my-lib is /js/my-lib/.
Do not fear of using symlinks (junctions on windows), you can even store them in subversion repository. Just check that your apache configuration allow symlinks (Options +FollowSymlinks)
The path provided in appendFile() is relative to the site's document root (eg, your 'public' folder). It will not pick up on the php include_path.
You could move the js file into the doc root, create a symbolic link to it in the doc root, or you could read the file using php and output it's contents as a <script> tag.
form your path , i can tell your are using linux
so you can use symlink like this :
ln -s /var/www/vhosts/libraries/my-lib/ /var/www/vhosts/project/mylib/
therefor you can append the files :
<?php $this->headScript()->appendFile('/mylib/js/javascript.js'); ?>
and tada , its done
The tag that will be added to the page is a reference for the browser where to look for the JavaScript file.
JavaScript is a client side language, it runs on the users computer and is interpreted there, so the user needs to be able to access the file, hence it needs to be inside the root path as the user (client) should not have access to your application dir.
You could save a PHP file in your doc root and use that to get your JS:
getJS.php (saved in the doc root):
<?php
header("Content-type: text/javascript");
include_once '/../var/www/vhosts/libraries/my-lib/js/someJSfile.js';
?>
Then in your code:
<?php
$this->headScript()->appendFile('getJS.php');
?>
You could include switches to include different JS files or whatever you wanted, I haven't tested this for functionality, but the file when clicked does get the contents of the JS file.
Note: If this is for security reasons, it won't take much to get the contents of the file the user wants!
For security purposes, all system, images documents are located outside my website root directory. I don't want to use relative paths because some files are called in difference circumstances, and sometimes they are included inside other files.
I'm looking for an infallible solution to allow me to maintain my system files outside my root directory and access them with absolute paths.
Please read this elaborate explanation:
If I have a page called: "index.php", it would be located inside the directory "root" (thus accessible to everybody).
This "index.php" would contain a <img src="..." /> to an image file outside the root, in an adjacent directory to "root", called "images". Sure I could use src="../images/goody.jpeg" but if I included "index.php"'s contents in another file, located elsewhere, this would fall short at getting to "goody.jpeg".
So after badgering about paths, could you help me complete this one:
<img src="?
Thank you!
You cannot publicly reference files outside of the public root. That is the whole point of the public root. If ../images/img.jpg works and images/img.jpg is outside of your public root, you have a security issue. The whole point of a public root is to sandbox the public into a confined area of your server. What you are trying to do is allow users to break out of that sandbox.
All public assets (images, css, javascript, etc) should be in the public root or a sub directory under it.
Given your description, I would expect <img src="/images/goody.jpeg"> to do what you want.