Posted by Michael Fesser on 06/24/07 16:57

..oO(J.O. Aho)

>Steven Borrelli wrote:
>
>> When you say the PHP includes have nothing to do with the web server,
>> that is somewhat confusing.
>
>The web server won't load the included files, it won't have a clue what has
>been included, as this is handled by the PHP parser module.

Yep. You can even use includes in command line scripts (PHP-CLI), where
absolutely no webserver is involved. It's always a direct file access,
done by the PHP interpreter itself.

>> If I have my index.php, and I have a call to a php include within
>> that, and also another php include within the first include, and all
>> the includes have the .php file extension, will everything be parsed
>> and appear like it's supposed to?
>
>The extension has nothing to do with if the file will be parsed or not, but of
>"security" reasons it's vise to set the php extension to the include files too.

Depends on where the files are stored. It's much more secure to put
include files _outside_ of the webserver's document root, so they can't
be accessed by a URL at all.

Micha

• Next in forum: Re: creating image database
• Prev in forum: Re: limit of a variable
• Thread view: Re: Parsing a php include (which also contains php code) - or "Reparsing" the php file

[Reply to this message]