PDA

View Full Version : php accessing directories not under public_html?


Rich
12-20-2003, 10:34 AM
I'm trying to work on some PHP scripts.

The general feeling is to put sensitive information in an include file which is kept 'above' the html directory as an added level of security.

my script is in:

www.mydomain.com/subdirectory/script.php

which really is /domains/mydomain.dom/public_html/subdirectory/script.php

Ok so far...

I put a file in /subdir2/scripthelp.php (not under public_html)

and tried to include it in script.php like this

include '/subdir2/scripthelp.php';

It doesn't work!

I get a can't open stream error. It shows my php include path as .:/usr/local/lib/php which I can't find at all on my server.

Note: safe_mode_include_dir is not set.

So do I have to place my include directory according to the 'php_include_path' setting? If so, where is '/usr/local/lib/php'?

Is this a php configuration thing? Am I not able to include files 'above' the html root? Most PHP programming says that I should be able to include files on the local server by directly accessing the directory.

If I can't include files above the html root, is there another recommended way to protect sensitive information inside of scripts?

Oh, yes the file does exist!

Does anyone have a clue?

Thanks!
Rich
eugene
12-20-2003, 01:18 PM
If your script is in /domains/mydomain.dom/public_html/subdirectory/script.php
and your include file is in /domains/mydomain.dom/includedir/subdir2/scripthelp.php, then just do an include("../../includedir/subdir2/scripthelp.php");.
Or, if you desire an absolute path,
include("/home/USERNAME/domains/DOMAIN/includedir/subdir2/scripthelp.php");

(Remember that the absolute path actually is /home/USERNAME.)
-Eugene
eugene
12-20-2003, 01:25 PM
Rich-
Another way to to this is to put the files in a subdirectory under public_html and then protect the directory (via username/passwd). An include will not need to use the password to access the files, but anyone navigating to the URL of the file will encounter the login prompt.
-Eugene
Rich
12-20-2003, 06:08 PM
Eugene,

Thanks, you led me to the solution to this problem!

It is actually this path for absolute reference:"/home/USERNAME/subdir2/scripthelp.php"

Somehow I didn't know my 'root' was really '/home/USERNAME'

I had my 'subdir2' in my root so I needed to use /home/USERNAME/subdir2, not just /subdir2.

Note that is is NOT under 'domains' as you mentioned.

This is the KEY: the root path actually is /home/USERNAME.)