Since you can use fopen, I don't think open_basedir is the problem.
Read about open_basedir here: http://us3.php.net/features.safe-mode
Maybe the path that you use in the include is wrong?
/Mattias
Andre Dubuc wrote:
Hi,
I am trying to 'insulate' my database connection from prying eyes by moving
the db connection code to a directory above docroot and then calling it by an
include. However, my IP has an open_basedir restriction in effect that
defeats what I'm trying to do.
Perhaps I'm unclear what what the open_basedir does, and perhaps IP is
protecting me from an even worse security risk. However, I can call, using
fopen, many counter code pages that reside in the directory above docroot -
so I'm confused here. Perhaps it's the use of include - is there another way
to do this?
*******************************************************************************************
The code so far:
On any page that needs a db connection (in docroot path):
<?php
....
include("db-conn.php");
...
?>
Db code page (located in directory above docroot):
<?php
$db = pg_connect("dbname=site user=confused password=toughone");
?>
Tia,
Andre
--
More views at http://www.thorslund.us
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
