Can somebody tell me how to treat .inc files as .php so I can include the .inc files into my php code. You can tell me change their extension to .php but it is not easy since there are hundred of pages which use the inc version.
Basically I need to declare types and handler in .htaccess.
I am running PHP over Apache.
Thanks.
add this to your httpd.conf
<FilesMatch "\.inc$">
SetHandler application/x-httpd-php
</FilesMatch>
Or in the .htaccess file
AddHandler application/x-httpd-php .inc
If you are including them via include() or require() into your PHP code, there's no need to change the extension. Anything included via the include() family is already treated as PHP.
Addendum:
Please also see #Darhazer's answer configuring Apache to serve .inc as PHP if you have a need to do so. (It's not totally clear from your question).
Do nothing.
PHP doesn't care what file extension included files has, it will still execute any code between <?php and ?> in them.
Related
I am setting up a couple of PHP documents that include .cfg for configuration files, .tpl for template structure files, .dlf for document layout files, .dbh for database connections and so on.
Now they're called .tpl.php, .dlf.php etc. But do they need to have the .php extension as well?
If not are there any extensions I shouldn't be using? like .exe for executables.
From Hiding PHP on PHP.net:
Another tactic is to configure web servers such as apache to parse different filetypes through PHP, either with an .htaccess directive, or in the apache configuration file itself. You can then use misleading file extensions:
# Make PHP code look like unknown types
AddType application/x-httpd-php .bop .foo .133t
So you can add a .htaccess rule that would mean that your server treats .tpl, .dlf etc as if they were PHP files, like so:
AddType application/x-httpd-php .tpl .dlf .dbh
However, if you are just using include or require, it doesn't matter what extension you use:
include "inc/template.tpl";
require "inc/database.dbh";
require_once("inc/config.ext.php.url.tpl.cfg");
You can change server config to enterpret other file extensions as PHP
In Apache you can add to this:
<FilesMatch \.php$>
SetHandler application/x-httpd-php
</FilesMatch>
if you include the files, then any extension will do:
in script.php:
include 'includes/foo.inc';
include 'inlcudes/bar.whatever';
will all work
for a certain folder on my local Apache-Server (running with Ubuntu) I'd like that all *php-files will be displayed as if they were plain text-files. I need this since I only want to see the source code of these files and NOT run them.
While searching, I found that most people have the opposite problem :-) and couldn't really find a solution for me.
What would I need to include in the .htacces-file of my folder?
THANKS!
THE ANSWER:
in .htaccess-file type
php_flag engine off
#This will prevent apache from executing *.php-files
AddType text/plain php
#this wil display php-files in browser (if not, browser will want to download file!)
Thanks to Brad!
My Godaddy setup wont allow me to edit the httpd.conf files, and the php_flag command doesn't work due to how they've implemented php for me.
I was able to use this in my .htaccess file:
SetHandler default-handler
AddType text/plain php
I put this in the directory above where my FTP user is allowed to access, which forces all PHP files in that directory, as well as all sub-directories to show php as plain text.
This will work for other file types as well. All you need to do is add another line with whatever extension of file you want to be forced to display in plain text. AddType text/plain cgi for example
Look at your httpd.conf file for the AddType of .php extension, and change it fortext/plain, and php_flag engine to the offvalue just as sait by Sam Bisbee.
But prefer do these change in the httpd.conf, the .htaccess are useless if you have a dedicated server, and lowing your perfs.
But you can also just change the extensions of your PHP scripts...
Two solutions off the top of my head...
Change their file name extensions to .phps. Ex., index.phps.
Change the Content-type for them in the .htaccess file. AddType text/plain .php uses mod_mime to do this. More info at http://httpd.apache.org/docs/2.2/mod/mod_mime.html#addtype
Turn off the the PHP module in apache? (if you won't be needing php execution, of course)
My problem started when I was working with the .htaccess file to a directory trying to get php to run inside of html files. I tried ALOT of combinations of AddTypes and AddHandlers. I took them out and now my php files are being downloaded by the broswer instead of running. There are a few other questions on here that I have studied up and down, but they are not exactly my problem.
I'm fairly lost now, I've tried just about every combination of AddType and AddHandler. I've since decided to use mod_rewrite and just have all my files end in .php but I can't get them to run.
This is what I'm using to test:
<!DOCTYPE html>
<body>
<?php
echo("php working");
?>
</body>
</html>
Am I missing something? Luckily I made all my changes at a separate directory than the root so that the site still runs, but none of the php files in that folder can be viewed in broswer. What can I do? Any help is appreciated.
EDIT:
Just to make it clear, I was originally trying to be able to put php in my html files so I was messing around with handlers and addtypes. My server does have php. If I call a php script from a .html file, it runs. I just can't get a php file like the example I included above to open in brower ANYMORE, it used to open in browser. My fear is that I have messed something up by trying all the different handlers in .htaccess. I have since cleared my .htaccess file in hopes that would at least get me to square one, but it hasn't.
SECOND EDIT:
I went to the root directory and made a php file and it ran just fine so its definitely something I changed in the .htaccess for the particular directory. Is there anyway I can reset that directory?
have you made sure to install php correctly within apache?
if you are using php as a module, you need the following:
LoadModule php5_module "c:/php/php5apache2.dll"
AddType application/x-httpd-php .php
# configure the path to php.ini
PHPIniDir "C:/php"
or as a CGI binary
ScriptAlias /php/ "c:/php/"
AddType application/x-httpd-php .php
# For PHP 4
Action application/x-httpd-php "/php/php.exe"
# For PHP 5
Action application/x-httpd-php "/php/php-cgi.exe"
other things to consider, are the permissions set correctly on the php binaries, is the php.ini present and correct, have you restarted apache since installing php into apache?
lastly, php doesnt run within html files, you would need to set the following as pretty much the last thing in the apache config
AddType application/x-httpd-php .html .htm
Do you see the line like this in your htaccess file?
php_flag engine off
If yes, delete it.
One more thing that may help you understand what happened
The following piece of htaccess would make Php from being executed but rather downloaded as a text file
<VirtualHost *>
ServerName sourcecode.testserver.me
DocumentRoot /var/www/example
AddType text/plain php
</VirtualHost>
One more thing
I'm guessing that this topic was addressed once here-> htaccess downloading file instead of loading
I am with new web host. The public_html folder of each domain I create is auto generated with an .htaccess that has the following line:
AddHandler php5-script .php
What is this for?
This just instructs PHP to handle files ending in .php by passing them to the PHP5 interpreter. Without this configuration in place, the web server may serve the files to the end-user's web browser as raw PHP code, rather than executing the code. That raises the dangerous possibility of exposing database login credentials or, or other secrets.
Using the same mechanism, you could configure the web server to parse files with other extensions besides .php as PHP scripts and hand them to the PHP interpreter. This is occasionally done to mask PHP scripts by naming them with .html extensions, for example.
# Interpret both .php & .html as PHP:
AddHandler php5-script .php .html
It tells php to handle any file with .php in the filename, even if it's not at the end. A file named smile.php.gif will be interpereted as a php file, which is bad if you are going to be using an upload script. This is because Apache allows multiple extensions in any order, so gif.php.jpg is the same as gif.jpg.php. I have heard the best way to select the handler is with FilesMatch. Of course if your web host has this in their httpd.conf you would have to 'remove' it using your htaccess before using the FilesMatch if you don't have access to httpd.conf.
The answer is that the htaccess tells the webserver to handle the php as php5-script and execute it.
Regarding the first answer, you will achieve your goal but it is a really bad practice and you should not allow html files to be executed as php due to huge security concerns.
I currently have a Movable Type blog where the pages do not have any file extensions...so example.com/entries/this-is-my-entry
I added DefaultType text/html, so Apache knows if there isn't any extension on the end of the file to display as HTML. That works great.
Now the problem is I have PHP code in the HTML. The page won't render the PHP code if there is no extension. However, when I publish the entries with a .html extension....the PHP code works perfectly.
I have AddHandler php5-script .html to tell Apache to display PHP in the HTML files. I'm guessing, if there isn't any file extension, it doesn't know to render the PHP code, because it is expecting files with a .html extension...is there a way to say any file that doesn't have an extension can use PHP?
I'm doing the same implementation for my personal MT blog, with the entries having no file extension. (The theory being that I could switch to other techniques in the future without being hampered by extensions like .html, .php, etc.)
You can accomplish this by setting your default type to be PHP:
DefaultType application/x-httpd-php
All PHP files are interpreted at first as HTML, so this works even for files with no PHP in them.
Maybe you can try using <FileMatch> directive? Something like
<FilesMatch "^[^\.]$">
ForceType application/x-httpd-php
</FilesMatch>
There is nothing directly corresponding to DefaultType for AddHandler, but you can hack around it in a fairly ugly way:
<FilesMatch "^(?!.*\..+)">
SetHandler php5-script
</FilesMatch>