php include - above root directory

Discussion in 'Scripts, 3rd Party Apps, and Programming' started by tillabong, Jan 10, 2010.

  1. tillabong

    tillabong New Member

    if i want to include a sensitive file like a database login, where should i place the file when i upload to x10hosting server? if my root directory is public_html/www.mywebsite.com do i place it at public_html/databaselogin folder? and how do i link to that file using php include?

    thank you very much.
  2. vishal

    vishal -::-X10 Guru-::- Community Support

    u can use any folder inside public_html or there itself
    U can use include function in any php file to link it
    For eg
    <?php
    include("includes/connection.php") // includes is the folder where connection.php is located
    ?>
  3. tillabong

    tillabong New Member

    but the php include function only allows me to include files that are in my root folder which in this case is public_html/www.mysite.com. i want to store my database login above the root folderlike public_html/databaselogin for security purposes.
  4. vishal

    vishal -::-X10 Guru-::- Community Support

    U mean outside the root folder i e.(www.mysite.com -root) and u wanna place databaselogin in public_htnl or wht
  5. tillabong

    tillabong New Member

    yes i would like to place the file outside the root folder. and use php include to put it on my site.
  6. vishal

    vishal -::-X10 Guru-::- Community Support

    Since the database login is in the root folder u should use
    <?php
    include("databaselogin.php") // since in root folder no path is req
    ?>
    try this this must solve ur problem
  7. tillabong

    tillabong New Member

    my root folder is public_html/mysite.com. the database login file is in public_html/databaselogin folder which is outside the root folder. so the php include you wrote wont work.
  8. vishal

    vishal -::-X10 Guru-::- Community Support

    Try referring absolute path....
    Is this a addon domain.
  9. tillabong

    tillabong New Member

    ok i figured it out myself already. thanks anyway ;).
  10. marshian

    marshian New Member

    I lol'd :p

    If you want to "secure" a script, don't put it in public_html at all, you can put it even higher than that. (eg. make a directory nonpublic_html)
    As vishal2 (finally) noticed in the end, you can use absolute paths ("/home/username/public_html/script.php" for example), or perhaps easier: relative paths can do this too.
    To refer to the directory above the one you're currently in, use "..".

    So, if you have a script in public_html/site.com and want to refer from there to a script public_html/nonpublic/script.php, you can use
    PHP:
    include "../nonpublic/script.php";
    Edit: sorry, too late :(
    Last edited: Jan 10, 2010
  11. vishal

    vishal -::-X10 Guru-::- Community Support

    marshian u made an important point...... good i support u
  12. misson

    misson Community Paragon Community Support

    If you want to make things really simple, put an init.php in ~/public_html and include it with a include_once($_SERVER['DOCUMENT_ROOT'] . '/init.php'). Within init.php, add top-level include paths:
    PHP:
    // add ~/include/php and doc root to include path
    set_include_path(get_include_path() 
            . 
    PATH_SEPARATOR dirname($_SERVER['DOCUMENT_ROOT']) . '/include/php'
            
    PATH_SEPARATOR $_SERVER['DOCUMENT_ROOT']);
    If you want to get fancy, define a function to append to the include path:
    PHP:
     function addToIncludePath($path) {
        
    $currIncPath get_include_path();
        if (!
    preg_match('#(^|' PATH_SEPARATOR ')'.preg_quote($path'#').'(' PATH_SEPARATOR '|$)#'$currIncPath)) {
            
    set_include_path($currIncPath PATH_SEPARATOR $path);
        }
    }
    If you're on paid hosting, you can set auto_prepend_file (with php_value in .htaccess) to make this even easier, including init.php implicitly. At that point you can set include_path directly, but doing it in init.php means it's auto-configuring; you don't need to have a different configuration for your development and live servers.
    Last edited: Jan 10, 2010
  13. vishal

    vishal -::-X10 Guru-::- Community Support

    Really helpfull misson, thks for the info
  14. tillabong

    tillabong New Member

    thanks for all the help. but how do you include a file that is not under /home/user/public_html. lets says i put it in /home/user/databse folder.how do i use php include to direct the file there?

    if my root folder is /home/user/public_html/mysite.com and i put my database log in file above my root site but still under public_html folder. why wont it be safe? cause my root directory is still /home/user/public_html/mysite.com and people cant access files above my root directory if they access my website right?

    sorry i know thats a bit too many questions. im really new at this. hope you guys could help me out. thanks.
  15. vishal

    vishal -::-X10 Guru-::- Community Support

    U can use relative path like inclued "/home/user/databse.php"
    If you looking for more security u will have to begin from the first.Try using relative path it nust work
  16. tillabong

    tillabong New Member

    it doesnt work.
  17. vishal

    vishal -::-X10 Guru-::- Community Support

    Sorry, i will give a try to solve it and if i get i will post you
  18. Anna

    Anna I am just me Staff Member

    I do believe that to be able to include a file not in the public_html folder (or one of its subfolders), you'll need to use absolute path.

    Should be something like: /home/cpanelusername/path/to/script/script.php
  19. vishal

    vishal -::-X10 Guru-::- Community Support

    I just tried using relative path and it just working fine... I dont know why you ends up with error
  20. tillabong

    tillabong New Member

    i created a folder home/user/Database and i put the database login file in that folder using php include.

    include_once '/home/user/Database/db_connect.php';

    and it gave this error.

    include_once(/home/user/Database/db_connect.php) [function.include-once]: failed to open stream: No such file or directory
    Last edited: Jan 13, 2010

Share This Page