I've spent the past few months building a website on localhost. Throughout the site, instead of using relative paths, I used $_SERVER["DOCUMENT_ROOT"] to access the root of my server so I could reference files from there. However, I just decided to upload my site to 000webhost. As I soon found out, and for those of you who use them, you are probably aware, that their server root is different than your actual directory in which you upload your files. I believe it's virtual hosting... anyway, my $_SERVER["DOCUMENT_ROOT"] now throws errors along the lines of this on the site:
Warning: include_once() [function.include-once]: open_basedir restriction in effect. File(/usr/local/apache/htdocs/mypath) is not within the allowed path(s)
Every other site I looked at said that you should just replace $_SERVER["DOCUMENT_ROOT"] with the home directory provided to you by 000webhost. However, if I want to change hosting services in the future, I'm screwed. Is there any way to use $_SERVER to access a set virtual directory or use htaccess or something to make my code work? I tried using DocumentRoot in a htaccess file in my root directory, but it threw a 404 error when trying to access the page.
I would never recommend using DOCUMENT_ROOT. For example, it is useless if you ever want to run scripts via the command line or cron.
I would instead, set the include_path via one of your scripts. Something that is included in every page (like some sort of config or bootstrap script).
For example, say you have config.php in your app's root directory (could be doc root but it's not important) that is included on every page
set_include_path(implode(PATH_SEPARATOR, array(
__DIR__, // this is the directory of this file, config.php
get_include_path()
)));
Then, you can safely use relative paths from this location in your include / require statements
include 'foo.php'; // APP_ROOT/foo.php
include 'somedir/bar.php'; // APP_ROOT/somedir/bar.php
When setting the include path, it doesn't really matter where the script resides, just construct the appropriate path. Say config.php lived in APP_ROOT/configs/config.php, the include path would be
realpath(__DIR__ . '/..') // realpath just resolves the path traversal
Decided to go with the following method:
http://www.000webhost.com/forum/customer-assistance/4857-document_root-environment-variable.html
Works!
Related
I created initialize.php to define my project's root directory.
defined('DS') ? null : define('DS', DIRECTORY_SEPARATOR);
defined('SITE_ROOT') ? null : define('SITE_ROOT', DS.'works'.DS.'myproject');
I include it with something like this from any directory.
require_once("../includes/initialize.php");
and I include other files easier. I am going to upload the files to server, then I should only change the initialize.php file.
It works. But, when I use user friendly URL's, and call ajax files from it, I don't know my directory hierarchy to include initialize.php.
I don't want to do this:
require_once("/works/myproject/includes/initialize.php");
for every file. Because it is going to change when I upload everytime.
I don't want to use session or cookie for everyuser.
There should be a trick for this but I couldn't find. Is there a way for getting project root from anywhere while using user friendly URL's and ajax calls?
I fixed it.
when I call it with ajax it's ok. But I included it as php too for some conditions.
Because of current and the ajax files are in different folders, it crashed.
So, when I change it to only require initialize.php when called with ajax, problem solved.
If you're using Apache, you could try adding your includes directory to your include_path directive.
Find the current value by doing a phpinfo() and look for include_path and then try re-declaring it in your top-level web directory and add the absolute path to your includes directory.
So if the default value is:
include_path = ".:/usr/bin/php:/some/other/directory"
just copy-paste the same thing in your .htaccess file but add your include directory on the end, separating it with a colon.
include_path = ".:/usr/bin/php:/some/other/directory:/works/myproject/includes"
and that way you shouldn't have to reference the absolute path every time.
This all depends on the permissions your web host gives you. There are other (easier) ways to do this, but I find that most of them are usually restricted by hosting providers, and manually setting it via .htaccess is usually the most dependable way to get this done.
Here's a page listing a few different ways: Five ways to create include path for PHP
Simply doing this:
require_once("../includes/initialize.php");
is enough because PHP doesn't look at your friendly URLs. It includes whatever you give him to include relative to your script.
Also there is $_SERVER['DOCUMENT_ROOT'] that will give you an absolute path from your root directory.
It is a good approach to define all your directories in a common file as you added initialize.php. You will have to include this common file in every file on the project. User friendly url's have no effect on the file inclusion.
Is this, for example, a good idea?
require_once($_SERVER['DOCUMENT_ROOT'].'/include.php');
If you have two virtual hosts on the same server, one for live and one for development, with different Apache DocumentRoots, this would avoid having to include absolute paths when the source of the include is unknown, and may be in any directory.
(Note: file paths in the following section are relative to the web root. They would in fact be like /var/www/app/core/init.php, where /var/www/app is the web root)
For instance: I have an /core/init.php which is called using relative paths from places all over the website (/file.php, /dir/file.php or /dir/dir/file.php).
This init.php then includes several function pages, in the fund directory, a subdir of /core (as in /core/func/userfunctions.php).
So, in init.php, I can use the $_SERVER method, because it breaks if I use a relative path and try to call functions from a page like /dir/file.php.
I can't see any problem with it, but in general what could go wrong?
I've seen cases where $_SERVER['DOCUMENT_ROOT'] is not set or is not what you would expect (i.e. not set in CLI or old IIS, or invalid in certain CGI setups).
For that reason you can use dirname(__FILE__) to obtain the path of the script that line is called in. You can then reference relative paths from there e.g.
include dirname(__FILE__) . '/../../other/file.php';
I go with the above method when the directory structure of the files is known and is not subject to change.
If DOCUMENT_ROOT is not available, the following is a suitable replacement:
substr($_SERVER['SCRIPT_FILENAME'], 0, -strlen($_SERVER['SCRIPT_NAME']));
You don't need to do this. PHP looks for the included file in the document root by default.
You can use set_include_path($new_include_path) to change this behaviour, or edit include_path in the php config file.
Also, from http://php.net/manual/en/reserved.variables.server.php:
'DOCUMENT_ROOT'
The document root directory under which the current script is executing, as defined in the server's configuration file.
For example, if you use URL rewriting, you will be very happy when you find out that the includes in your /there/are/so/many/paths/in/the/url/of/this/ page are still working!
Basically, I have a class Avian that contains logic for some basic things such as:
Connecting to MySQL
Checking login status
Displaying the navigation bar
These files are stored in "projectavian" which is a folder within my host's root directory and is the folder for all files that will display on mydomain.com.
I've gone and set up a few subdomains such as dev.mydomain.com. My host creates folders for subdomains in the root directory alongside the "projectavian" folder. The furthest back that I seem to be able to go from within a HTML/PHP page in "projectavian" or the folder for my subdomain is up to this folder only (ie I can't actually access the root by going "/subdomain_folder" or adding as many "../"s as I want.
All I need to do is use include or require to get my PHP class from mydomain.com on a page that's at dev.mydomain.com. Obviously you can't do include "http://somedomain.com/file.php". Is there maybe a PHP function that can access the server root directory?
You can use magic constants combined with dirname like this:
$root = dirname(dirname(__FILE__));
which lets you access your root directory and from there you can do something like:
$path = $root . '/subdomain_folder/' . $filename;
check out these references for both dirname and the magic constant
http://php.net/manual/en/function.dirname.php
http://php.net/manual/en/language.constants.predefined.php
The fact you can't jump back and get into your subdomain folders is a restriction placed by your host - you might be able to speak to them about it.
You can actually do include "http://somedomain.com/file.php", but file.php needs to output valid PHP rather than the result of processing that PHP. This means that the file is then publicly accessible and anyone can view your code, which may be a security issue. Maybe wrap it in PHP authentication?
What error are you getting? It could likely be either incorrect permissions, or a PHP open_basedir restriction (most likely). You can turn off open_basedir and/or PHP safe mode via php.ini.
I'm having problems with my include files. I don't seem to be able to figure out how to construct my URLs when I use require_once('somefile.php'). If I try to use an include file in more than one place where the directory structures are different, I get an error that the include file cannot be found.
In asp.net, to get my application root path, I can use ~/directory/file.aspx. The tild forward slash always knows that I am referencing from my website root and find the file no matter where the request comes from within my website. It always refers back to the root and looks for the file from there.
QUESTION: How can I get the root path of my site? How can I do this so I can reuse my include files from anywhere within my site? Do I have to use absolute paths in my URLs?
Thank you!
There is $_SERVER['DOCUMENT_ROOT'] that should have the root path to your web server.
Edit: If you look at most major php programs. When using the installer, you usually enter in the full path to the the application folder. The installer will just put that in a config file that is included in the entire application. One option is to use an auto prepend file to set the variable. another option is to just include_once() the config file on every page you need it. Last option I would suggest is to write you application using bootstrapping which is where you funnel all requests through one file (usually with url_rewrite). This allows you to easily set/include config variables in one spot and have them be available throughout all the scripts.
I usually store config.php file in ROOT directory, and in config.php I write:
define('ROOT_DIR', __DIR__);
And then just use ROOT_DIR constant in all other scripts.
Using $_SERVER['DOCUMENT_ROOT'] is not very good because:
It's not always matching ROOT_DIR
This variable is not available in CGI mode (e.x. if you run your scripts by CRON)
It's nice to be able to use the same code at the top of every script and know that your page will load properly, even if you are in a subdirectory. I use this, which relies on you knowing what your root directory is called (typically, 'htdocs' or 'public_html':
defined('SITEROOT') or define('SITEROOT', substr($_SERVER['DOCUMENT_ROOT'], 0, strrpos($_SERVER['DOCUMENT_ROOT'], 'public_html')) . 'public_html');
With SITEROOT defined consistently, you can then access a config file and/or page components without adapting paths on a script-by-script basis e.g. to a config file stored outside your root folder:
require_once SITEROOT . "/../config.php";
You should use the built in magic constants to find files. __FILE__ and __DIR__. If you are on PHP < 5.3 you should use dirname(__FILE__)
E.g.
require_once __DIR__.'/../../include_me.php';
$_SERVER['DOCUMENT_ROOT'] is not always guaranteed to return what you would expect.
Define it in a config file somewhere.
Assuming you're using an MVC style where everything gets routed through a single index.php then
realpath('.');
Will show you the path to the current working directory (i.e where index.php is)
So then you can define this as
define('PROJECT_ROOT', realpath('.'));
If it's not MVC and you need it to work for files in subfolders then you can just hard code it in a config file
define('PROJECT_ROOT', 'C:/wamp/www/mysite');
Then when including something you can do;
include PROJECT_ROOT . '/path/to/include.php';
You could alternativly set the base directory in your .htaccess file
SetEnv BASE_PATH C:/wamp/www/mysite/
Then in PHP you can reference it with $_SERVER['BASE_PATH']
Try this:
$_SERVER['DOCUMENT_ROOT']
I have 2 root directories for a site, httpdocs and httpsdocs. I am sure its obvious what the 2 are for. But I want to keep things consistent through-out the site like global navigation. Right now I have two separate files for this (one in each side) and I would like to only have one. This is hard to maintain because each time I change one I have to change the other (if I remember to), it breaks the DRY rule. But if I try to include a file from one side to the other using a relative path it tells me the file path is not allowed because it goes outside the document root. If I try to include it with an absolute URL I get another error saying file access is disabled in the server configuration. (I am on a hosting account so the most I can change as far as server config is limited to .htaccess). So can anyone think of a work-around for this?
Why not put your global include file in yet another directory (lets call it library) and then have each http root have an include file that includes ../library/lib.php, then sets specific paramaters. This gives you the added benifit of your library php files not being in the document root path as well.
And actually. Updating because I just read the entry about "relative path" issues.
Could you set the "include path" php value to include that directory?
Something like this:
ini_set('include_path', realpath(dirname(__FILE__)."/../library").":".ini_get('include_path'));
require_once('lib.php');
Did a little more research - seems that changing open_basedir is not possible unless you are able to edit the httpd.conf or php.ini values. PHP Manual: open_basedir
Do you have the ability to create symbolic links between the two directories?