Good evening. I found a few questions that seemed to ask the same thing I am asking, but none of the answers seems to work for me. Basically, I have a few generic PHP files (mostly classes, but some are not) that I want to be usuable by multiple PHP sites.
Here is an example of my folder structure:
Site A Root
C:\Personal\WebSites\SiteA
Site B Root
C:\Personal\WebSites\SiteB
Shared Code
C:\Personal\WebSites\Shared
From Site A I tried using include("../Shared/foo.php") to reach the files, but this did not work. I have a feeling this is due to the folder being beyond the site root folder of SiteA. Is there a way to simply include files from the Shared directory? I can't imagine this is an uncommon practice, but I just can't figure it out.
BTW, I am using PHP 5.2.14 through IIS (via FastCGI) on Windows 7 if that matters. Eventually, I will be moving these sites to Linux/Apache hosting, so I would prefer any solution to work with either.
Thanks!!
In your php.ini you can add directories to the include_path, and them include files from then.
"C:\Personal\Websites\Shared;"
If you append a string like that to the already existing include_path you can do include 'specialDir\Class.php' wherespecialDiris a directory inShared`.
Your best bet is to setup a directory anywhere you wish (let's say C:\Personal\Shared), and edit your php.ini include_path to add this directory as an include path. Make sure you set permissions correctly so IIS allows you to access this directory (I'm not 100% on how to do that with Windows, but it should be pretty easy).
Then all you need to do is include the file as if it was in the same directory (PHP handles searching include directories for you).
For example if you had C:\Personal\Shared\foo.php you can include it like this:
include("foo.php");
Related
I have been setting up a new web server to replace an aging one and I am having some problems with relative paths that work on the existing server.
The existing server is Centos 6 with php 5.6, however the new server is Centos 7 with the same php version. I should also mention that both servers run WHM/cPanel with a single user (solo) licence.
I have several folders one level above the public_html folder that contain some include files and also some php files that are run from cron jobs. I put these here as there is never any need for them in the public_html folder.
// Example folder structure
-includes
-cjobs
-public_html
-includes
-css
-js
index.php
On the existing server, the following works ok on a file in the cjobs folder
include "../public_html/includes/mail_include.php";, however on the new server it fails. I have ended up using include_once (dirname(__FILE__) . "/../includes/mail_include.php"); and also had to relocate the cjobs folder into the public_html folder. Note that full paths do work ok, so /home/username/includes/mail_include.php does always work, but I don't want to hard code the paths.
I feel that there may be some small configuration setting in php that I have not changed, but I just have not been able to figure out why I need to include the files this way. It means I need to modify thousands of files just so they will work on the new server which is proving to be a real pain.
Any advice is appreciated.
I have concerns that are similar to what were addressed here. I'm using Composer to install Amazon AWS components to set up a SES (email) service.
According to the Amazon documentation, I need to include autoload.php in order to use the classes that I installed. This means that the autoload.php must be in my web directory (/var/www/html).
I didn't fully understand the answer provided to the SO question I previous mentioned, but it essentially says that the vendor directory should NOT be in the web directory. But if I do this, how will I require the autoload.php file, which is in the /vendor directory?
Overall I am very confused about how I should be properly setting this up. Any help would be appreciated.
Edit: This article also suggests putting the /vendor/ folder in the web directory. Is this the standard? What security risks should I be looking out for? Because there are no index.html files or anything in any of the folders, the directories of all the files that were installed can be seen and accessed freely. Surely this can't be a good thing?
The "web directory" is the directory directly served via HTTP to anyone asking with the right URL. So if anyone thinks there is a folder "/foo" hosted on your domain, and you didn't take precautions, and there is in fact that folder, and it does not contain a file that would be served as the directory index, anyone asking probably would get the directory listing of that folder, listing all files.
Now the difference between such a web hosted folder and the require statement in PHP is that PHP does not use a URL pointing at a publicly accessible HTTP hosted folder, but uses a filesystem path pointing to a file.
And most beginners mix this up: Because PHP at starter level is all about having a bunch of scripts spread around the web directory, which emit a lot of HTML containing links to other scripts, they get the idea that the links in HTML and the file paths in PHP are the same and have to be. This is wrong. They don't have to be the same, they are the same because no better approach has been selected.
So here's how a modern web application is constructed. If you deploy the whole project, the main directory on the server might be called /var/www/projectX. Inside this container are some files like /var/www/projectX/composer.json. Because of this there will also be a directory /var/www/projectX/vendor. Additionally, somewhere would be one PHP script that's being accessed (I delay the info HOW it's being accessed for now), and that location should either be A) /var/www/projectX/script.php or B) /var/www/projectX/public/script.php. Those two scripts want to use Composer provided classes and need to include the autoloading.
Because of the file location, the script in location A needs to run require 'vendor/autoload.php';, and the script in location B needs require '../vendor/autoload.php';. This is simply a matter of using the correct relative path from the script to the autoload file. You could even use an absolute path in both cases: require '/var/www/projectX/vendor/autoload.php'; will also work. The main point here is: It does not matter HOW you require that autoload.php file as long as it gets executed by the script. The path does not affect anything.
Now the HTTP hosting and accessing the scripts. The webserver has at least one directory configured that is being exposed to the outside world as the main directory of the domain. This is called DOCUMENT_ROOT, and it can be ANYWHERE. Now it depends on the configuration of your server which directory is preselected, and if you can change that setting (either by administrating your server on the command line, or by clicking some settings in a GUI).
If your server has the directory /var/www/projectX set as the document root, all the world can access the script in case A as http://example.com/script.php, as well as the script in case B as http://example.com/public/script.php, and also the vendor folder as http://example.com/vendor/.... This is not great, but could be avoided by placing .htaccess files inside or otherwise restrict access.
The better solution is to tell the server to only serve the directory /var/www/projectX/public as document root. This will prevent HTTP access to script A and the vendor folder, and access to script B is done via http://example.com/script.php.
In both cases, both scripts successfully include the autoloading of Composer because the restrictions of HTTP access do not apply to filesystem access.
Bad website hosting allows you only to use the first scenario, with the only accessible directory for you being directly the document root, without a method to change it.
More sophisticated website hosting ís using a fixed subdirectory like public or html or webroot as the document root, allowing you to hide sensitive files from ever being served via HTTP.
The best website hosting allows you to select which subdirectory should be hosted as document root.
In any case, the path pointing from a script to Composers autoload.php is not affected at all.
I'm having a real brain fart right now, and forgot whats required in httpd.conf to include files from directories outside the web root folder. The whole idea is that I can call files from other folders, without listing the location in the HTML/PHP source files.
Having a hard time searching through google and apache's site, could someone refresh my memory?
EDIT: Example, I'm using 'require_once "pdo-db-conn.php";' in a PHP file, but php-db-conn.php is actually outside the web root. The idea is that I don't need to list the external directory within my production php source code.
I've done it before, and it included listing directories which apache would search for files.
For Apache, you are looking for either Alias or AliasMatch.
For PHP, you are looking for include_path
i'm using Xampp. When I tried to do this earlier, it worked, but now it is not working.
I'm trying to make a directory in my www folder to hide it from baddies who steal files.
Each user gets their own folder in uploads to put their files on.
Xampp uses apache, and Xampp is a local web server. It allows me to design websites without the need of an online host. The www folder is in my C:\program files\xampp\php\www\ and I need to make a directory there. I know it's possible because i've done this before, I have just forgotten how to make it happen.
When I make a directory I use:
$uploaddir1 = "xampp/php/www/uploads/".$esclcusername."/";
mkdir($uploaddir1,0777);
Do I need to include C:\program files\ before xampp?
And finally, how would this be possible on a real online web host?
I saw your question here and searched some on google. This is what i found:
mkdir("D:/hshome/rubygirl58/gameparody.com/clansites/".$sitename."/lib", 0777)
So yes, I think you have to include the complete path.
Greetings,
Younes
you need to make sure that you give permisions to the parent folder to create dirs in it (0777)
to get the full path you can use dirname(FILE) wich will return the path for the directory of the file in wich it is runned
Where would
set_include_path("../../");
point to?
I am trying to run some PHP code on a standard XAMPP server. And put my stuff into the htdocs folder. The includes point to relative paths, But it does not work. Is there any best-practise for includes? The code has to run on machines of multiple developers.
Relative path should work fine (warning: apache on windows, as I know, don't follow the simlinks, or whatever are called on that os).
Maybe you should use the syntax (in order to avoid problem with different php versions)
ini_set('include_path', 'yourdir');
and test the return value to see if all is ok.
Turning to the best practices:
To me setting an configuration directive into a script, expecially if project-wide, is wrong, or at least dangerous.
A better practice is to put the directive into the .htaccess file in the directory that contains your php files project.
Even better, it is faster, put the directives into the appropriate virtualhost section of your apache config. For develop, though, .htaccess is more flexible and therefore preferable.
It should be something like this:
php_value include_path ".:../..:<your path collection>"
Doing this lets you share the php configuration w/o have fiddling with the ini_set directive in every php file you write.
Not to mention that if you have a special file that needs a custom include_path, you can set it in the file and this will be evident to everyone at a very rapid glance.
Two directories down from where the file (or the file which included it) is running from.
As for best practices there are only two advices i can give you.
Use relative paths.
If relative paths are giving you trouble, use an absolute path as a single static variable and the developers only change that one variable.