Jump to content
xisto Community
Sign in to follow this  
ghostrider

Include() Statements

Recommended Posts

If I include a PHP file from another web server, will it return the output of the PHP file, or the actual contents of the PHP file? My guess is the first one, but can anyone confirm this? Thanks.

Share this post


Link to post
Share on other sites

the actual content will be inserted wherever you put the include(). include() is like inserting the content of the file. Take note that both include() and require() functions treats the inserted text from a file as HTML text. Meaning if you want the include() and require() function to insert the text as PHP codes you have to enclose it with the PHP tag <?PHP ?>.

Share this post


Link to post
Share on other sites

INCLUDE, unlike REQUIRE, will continue whether the file being included is correct or not. It will try to digest and if it encounters error, INCLUDE will keep on going to the next set of commands/lines etc.Because of this voracious appetite of parsing, all functions and classes segregated from the main PHP files are usually named filename.inc.php.If you want to include functions that returns some value, you should have the including file as filename.inc.php.

Share this post


Link to post
Share on other sites

Another couple of thing about "includes" which should be considered: By using a PHP file extension, in the odd chance that someone tries to "view" the file on your account, if the filename ends in ".php" (or another file extension which has been determined to be parsed as php according to the rules in your .htaccess file), the script contents will not be viewable in their Browser, only the HTML output would be shown to them, whereas a file ending in "inc" is merely a text file which can be viewed. This is particularly important for information which should be "secured", like your Database Configuration information with database names and passwords.Another thing, use the "include_once()" and "require_once()" if the contents of the include contains information which could affect the value of your variables. An example, again would be the config.inc. In a situation where you might be adding a variety of includes, each of which might call other includes, etcetera, and some of the includes may have been already opened, ie: a database config file, or a functions.inc which has a series of define statements, the "*_once()" will only allow that file to be called the first time so that any values do not get reset.And the difference between an "include()" and "require()" is the script will terminate on an error if the require() is used. A situation where you might consider using the require() is for opening sensitive files and don't wish the client to view the data contain in the error, for example, the database connection information, or the locations of the included files.While I am spouting here, additional security can be achieved by locating the included files "above" your public_html folder, in the account root folder. On the Apache servers like what the Trap uses, if the file is in the public_html folder, it can potentially be accessed from the Web directly by URL. When it is located "upstream" of the public_html folder, it would be doubly secure with a php file extension.All of these methods enhance the security of your data and files, and these security measures can all be in effect, yet your site remains at risk. Files and accounts and servers are never completely secure against attacks. Security is not "on" or "off". Security is a continuum. There is "more security" and "less security". Complete security is a situation where the files are on a CD or DVD in a desk drawer, but then they are not web-accessible. So, it is important to know and implement the security measures you can feel comfortable with while remembering that more security means potentially less access. That is the trade-off you must measure.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.