Five ways to create include path for PHP



One thing that people often complain about PHP is that there are always more than one way to do the same thing in PHP. This is very true for PHP includes. Here are 5 ways to create PHP include path.

1. Use php.ini

2. Use .htaccess

3. Use ini_set function

4. Use set_include_path function

5. Manually code the path

Method #1: Use php.ini to create include path

If PHP is compiled as a CGI binary, you can use php.ini to create include path. If you have no direct access to php.ini on the web server (e.g. you are using shared web hosting), you can create a custom php.ini on your hosting account's web root directory. Note that, you need to place your custom php.ini in every folder where include path is used.

To create include path in your php.ini file, download your current php.ini from your website by using a FTP client, or create a new one if you don't have it yet. Open php.ini file in your favorite text editor and add include path in either of the following two ways:

1. Include folder is at your hosting account's home directory.

   It's a good idea to create include folder at the home directory level (which is one level above the public_html folder) so that sensitive files are placed outside the publicly accessible web folder (where public_html is) - just an extra precaution.

   Add the following line in your custom php.ini file:

   include_path = ".:/home/your_cpanel_username/your_include_folder_name"

   Make sure to replace your_cpanel_username with your actual cPanel username and replace your_include_folder_name with the actual folder name you have created in your hosting account's home directory.

   Setting up include path this way is recommended as no one can access folders in your home directory which is one level higher than your web root (public_html) directory.

2. Include folder is at your hosting account's web root directory.

   Web root directory is the folder you place all your web pages. When you connect to your hosting account via a FTP client, you should normally see a folder called public_html. This is the web root directory. Note that it might be named as something else by your hosting company. Please refer to your hosting account setup email or contact your hosting company if you are not sure.

   Add the following line in your custom php.ini file:

   include_path = ".:/home/your_cpanel_username/webroot/your_include_folder_name"

   Make sure to replace your_cpanel_username with your actual cPanel username. Replace webroot with the actual folder name of the web root directory (e.g. public_html), and replace your_include_folder_name with the actual folder name you have created in your hosting account web root directory.

   Note that there is a potential security issue related to the include folder if it's placed in web root directory. Click here to jump to the bottom section of this page to see how to fix it.

3. On Windows, the include folder can be any folder on your hard disk.

   For example, two include paths defined in php.ini for my local site:

   include_path = ".;C:\test;C:\php\PEAR"

   php.ini is at C:\WINNT on Windows 2000 or Windows XP.

Note: Separate each include path by : (colon) on a Unix/Linux system. On Windows, the separator is ; (semi-colon).

Here is the example given in php.ini file in C:\WINNT folder:

UNIX: "/path1:/path2"

Windows: "\path1;\path2"

Method #2: Use .htaccess to create include path

If PHP is compiled as a Apache module, you can use .htaccess to create include path. This file is placed at your web root directory.

Download your .htaccess file if you have got one or create a new one. .htaccess is just a text file and can be edited by using a text editor.

Open .htaccess in your text editor and use either of the following three options:

1. Include folder is at your hosting account's home directory.

   Add the following line in your custom .htaccess file:

   php_value include_path ".:/home/your_cpanel_username/your_include_path"

   Make sure to replace your_cpanel_username with your actual cPanel username and replace your_include_path with the actual folder name you have created in your hosting account home directory.

   Setting up include path this way is recommended as no one can access folders in your home directory which is one level higher than your web root (public_html) directory.

2. Include folder is at your hosting account's web root directory.

   Add the following line in your .htaccess file:

   php_value include_path ".:/home/your_cpanel_username/webroot/your_include_path"

   Make sure to replace your_cpanel_username with your actual cPanel username. Replace webroot with the actual folder name of the web root directory (e.g. public_html), and replace your_include_folder_name with the actual folder name you have created in your hosting account web root directory.

3. On Windows, the include folder can be any folder on your hard disk.

   For example, two include paths defined in .htaccess for my local site:

   php_value include_path ".;C:\test;C:\php\PEAR"

   Note that if you use .htaccess to create include path, it causes conflict with the one created in your php.ini file. You can only create include path in either .htaccess or php.ini on Windows but not both.

Method #3: Use ini_set function

ini_set function sets the include_path configuration option and can be used in individual php file to create php settings on the fly. As it only works for the duration of the script, it has a slight performance penalty as ini_set is called every time the page runs. Not recommended.

ini_set works in all PHP versions.

Example 1: Include path is a relative path to a PHP page at web root.

Example 2: Include path is a relative path to a PHP page at /product/

For detailed information about absolute path and relative path, refer to article Absolute Path and Relative Path Explained.

Method #4: Use set_include_path function for PHP version >= 4.3.0 or PHP 5

set_include_path sets the include_path configuration option and can be used in individual php file to create php settings on the fly. As it only works for the duration of the script, it has a slight performance penalty as set_include_path is called every time the page runs. Not recommended.

Example 1: Include path is a relative path to a PHP page at web root.

Example 2: Include path is a relative path to a PHP page at /product/

Example 3: this example is from PHP.net website

Note that get_include_path retrieves the current include path defined in php.ini file.

PATH_SEPARATOR is a PHP constant. Making use of the PATH_SEPARATOR constant, it is possible to extend the include path regardless of the operating system. Based on what the operating system is, it can be used to get the separator character (used in php.ini) on the fly. On a Unix/Linux system, the separator is : (colon). On Windows, the separator is ; (semi-colon).

PATH_SEPARATOR concatenates the include path defined by you to the one defined by your hosting company.

UNIX: "/path1:/path2:/path3"

Windows: "\path1;\path2;\path3"

Method #5: Manually code the include path in PHP page.

You can define what folder is you include path in a PHP page like below. Note that, similar to ini_set or set_include_path, you need to use this code in individual PHP pages and it only lasts for the duration of the script.

$_SERVER["DOCUMENT_ROOT"] returns the web root directory.

How to secure files in the include folder

If you have placed the include folder in web root directory, because it can be accessed by anyone via internet and include files could contain sensitive information such as database password, you should always consider securing the folder and files in it.

Normally, if the files in your include folder use file extension .php, or any other scripting file extensions such as .pl, .asp, .jsp, viewing the page should not reveal page content because these files are processed by web servers before the rendered HTML is sent to viewer's web browser. To have a 100% peace of mind and prevent any unfriendly probe attempt, it's always a good idea to secure the folder.

There are two ways to secure the include folder:

1. Use .htaccess file

   This is the easier way to do. Create a .htaccess file and place it in the include folder. Inside .htaccess file, add the following line:

   deny from all

   This denies anyone from accessing files in the include folder. Basically, a 403 Forbidden page is displayed when someone tries to view any page in this folder.

   

2. Set access permissions on the include folder

   The screenshot below is FileZilla's file attributes window. FileZilla is a open source free FTP client.

   To secure your include path, connect to your hosting account via FTP client and browse to your web root. Right-click on the include folder name and select File Attributes. Three are three frames to manage three types of users - Owner, Group, Public. For Public Permission, uncheck all three checkboxes. This will prevent users from accessing files in this directory from internet.

   

Hope this article has given you some new ideas about creating include path in PHP. Happy PHPing!


Copyright© GeeksEngine.com

Related Articles: 1. Steps to install PHP 5.x on Windows as a development machine 2. How to install Apache 2.x web server on Windows 3. How to connect two different versions of MySQL server on the same computer 4. How to configure MySQL server 5.1 on Windows 5. How to install MySQL server 5.1 on Windows with screenshots 6. How to use Date and Time data as integer value in PHP and MySQL 7. How to use Apache Virtual Host to run multiple local websites on Windows 8. Install all PEAR packages by yourself 9. How to install PEAR on Windows 10. How to use PHP and Microsoft SMTP Virtual Server to send emails 11. How to install PHP server-side scripting language on Windows 12. How to install Apache 1.3 web server on Windows 13. How to install two different versions of MySQL server on the same PC 14. How to configure MySQL server 4.1 on Windows 15. How to install MySQL server 4.1 on Windows with screenshots 16. Export Northwind Access database to MySQL via ODBC Other Recent Articles from the Web Development category: 1. Java / JSP lost session value on redirect - FIXED 2. Fix the problem with PHP5 XML removeChild() method 3. How to integrate PHP HTML Help .chm file with Crimson Editor 4. How to Connect to a MySQL Database from PHP 5. Use MySQL String Functions to Build Printable ASCII Character Chart 6. How to use Date and Time data as integer value in PHP and MySQL 7. Absolute Path and Relative Path Explained